ó ùR‹_c@sSdZddlZddlmZddlmZddlmZddlm Z ddl Zddl Z ddl m Z ddlmZd Zy:e jd ƒjZee jd ƒkrÉeeƒ‚nWn e jk rìeeƒ‚nXd ZejƒZe jƒZejƒZd ejfd„ƒYZdej ej!fd„ƒYZ"dS(sÐRSA verifier and signer that use the ``cryptography`` library. This is a much faster implementation than the default (in ``google.auth.crypt._python_rsa``), which depends on the pure-Python ``rsa`` library. iÿÿÿÿN(tbackends(thashes(t serialization(tpadding(t_helpers(tbasesMcryptography>=1.4.0 is required to use cryptography-based RSA implementation.t cryptographys1.4.0s-----BEGIN CERTIFICATE-----t RSAVerifiercBsAeZdZd„Zejejƒd„ƒZe d„ƒZ RS(sàVerifies RSA cryptographic signatures using public keys. Args: public_key ( cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey): The public key used to verify signatures. cCs ||_dS(N(t_pubkey(tselft public_key((s\/var/www/syncserver/local/lib/python2.7/site-packages/google/auth/crypt/_cryptography_rsa.pyt__init__<scCsUtj|ƒ}y!|jj||ttƒtSWnttj j fk rPt SXdS(N( Rtto_bytesRtverifyt_PADDINGt_SHA256tTruet ValueErrorRt exceptionstInvalidSignaturetFalse(R tmessaget signature((s\/var/www/syncserver/local/lib/python2.7/site-packages/google/auth/crypt/_cryptography_rsa.pyR ?s cCs[tj|ƒ}t|kr?tjj|tƒ}|jƒ}ntj |tƒ}||ƒS(syConstruct an Verifier instance from a public key or public certificate string. Args: public_key (Union[str, bytes]): The public key in PEM format or the x509 public key certificate. Returns: Verifier: The constructed verifier. Raises: ValueError: If the public key can't be parsed. ( RR t_CERTIFICATE_MARKERRtx509tload_pem_x509_certificatet_BACKENDR Rtload_pem_public_key(tclsR tpublic_key_datatcerttpubkey((s\/var/www/syncserver/local/lib/python2.7/site-packages/google/auth/crypt/_cryptography_rsa.pyt from_stringHs   ( t__name__t __module__t__doc__R Rtcopy_docstringRtVerifierR t classmethodR (((s\/var/www/syncserver/local/lib/python2.7/site-packages/google/auth/crypt/_cryptography_rsa.pyR3s  t RSASignercBsheZdZdd„Zeejej ƒd„ƒƒZ ejej ƒd„ƒZ e dd„ƒZ RS(s…Signs messages with an RSA private key. Args: private_key ( cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey): The private key to sign with. key_id (str): Optional key ID used to identify this private key. This can be useful to associate the private key with its associated public key or certificate. cCs||_||_dS(N(t_keyt_key_id(R t private_keytkey_id((s\/var/www/syncserver/local/lib/python2.7/site-packages/google/auth/crypt/_cryptography_rsa.pyR qs cCs|jS(N(R)(R ((s\/var/www/syncserver/local/lib/python2.7/site-packages/google/auth/crypt/_cryptography_rsa.pyR+uscCs%tj|ƒ}|jj|ttƒS(N(RR R(tsignRR(R R((s\/var/www/syncserver/local/lib/python2.7/site-packages/google/auth/crypt/_cryptography_rsa.pyR,zscCs:tj|ƒ}tj|dddtƒ}||d|ƒS(slConstruct a RSASigner from a private key in PEM format. Args: key (Union[bytes, str]): Private key in PEM format. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt._cryptography_rsa.RSASigner: The constructed signer. Raises: ValueError: If ``key`` is not ``bytes`` or ``str`` (unicode). UnicodeDecodeError: If ``key`` is ``bytes`` but cannot be decoded into a UTF-8 ``str``. ValueError: If ``cryptography`` "Could not deserialize key data." tpasswordtbackendR+N(RR Rtload_pem_private_keytNoneR(RtkeyR+R*((s\/var/www/syncserver/local/lib/python2.7/site-packages/google/auth/crypt/_cryptography_rsa.pyR sN(R!R"R#R0R tpropertyRR$RtSignerR+R,R&R (((s\/var/www/syncserver/local/lib/python2.7/site-packages/google/auth/crypt/_cryptography_rsa.pyR'es  (#R#tcryptography.exceptionsRtcryptography.hazmatRtcryptography.hazmat.primitivesRRt)cryptography.hazmat.primitives.asymmetricRtcryptography.x509t pkg_resourcest google.authRtgoogle.auth.cryptRt_IMPORT_ERROR_MSGtget_distributiontparsed_versiontreleaset parse_versiont ImportErrortDistributionNotFoundRtdefault_backendRtPKCS1v15RtSHA256RR%RR3tFromServiceAccountMixinR'(((s\/var/www/syncserver/local/lib/python2.7/site-packages/google/auth/crypt/_cryptography_rsa.pyts,      2