HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: //proc/self/root/lib/python3.6/site-packages/jwcrypto/__pycache__/jws.cpython-36.pyc
3

�-3[�J�@s�ddlmZddlmZmZddlmZmZddlmZddlm	Z	d+d,d-d.d/d0d1d2d3d4d5d�Z
ddddddddddddgZGd d!�d!e�ZGd"d#�d#e�Z
Gd$d%�d%e�ZGd&d'�d'e�ZGd(d)�d)e�Zd*S)6�)�JWException)�base64url_decode�base64url_encode)�json_decode�json_encode)�JWA)�JWK�	AlgorithmT�JWK Set URLF�JSON Web Key�Key ID�	X.509 URL�X.509 Certificate Chain�"X.509 Certificate SHA-1 Thumbprint�$X.509 Certificate SHA-256 Thumbprint�Type�Content Type�Critical)�algZjkuZjwkZkidZx5uZx5cZx5tzx5t#S256�typZcty�critZHS256ZHS384ZHS512ZRS256ZRS384ZRS512ZES256ZES384ZES512ZPS256ZPS384ZPS512cs"eZdZdZd�fdd�	Z�ZS)�InvalidJWSSignaturez_Invalid JWS Signature.

    This exception is raised when a signature cannot be validated.
    Ncs>d}|rt|�}nd}|r*|dt|�7}tt|�j|�dS)Nz&Unknown Signature Verification Failurez {%s})�str�superr�__init__)�self�message�	exception�msg)�	__class__��/usr/lib/python3.6/jws.pyr(s
zInvalidJWSSignature.__init__)NN)�__name__�
__module__�__qualname__�__doc__r�
__classcell__r r )rr!r"srcs"eZdZdZd�fdd�	Z�ZS)�InvalidJWSObjectzvInvalid JWS Object.

    This exception is raised when the JWS Object is invalid and/or
    improperly formatted.
    Ncs<d}|r|d|7}|r(|dt|�7}tt|�j|�dS)NzInvalid JWS Objectz [%s]z {%s})rrr'r)rrrr)rr r!r:szInvalidJWSObject.__init__)NN)r"r#r$r%rr&r r )rr!r'3sr'cs"eZdZdZd�fdd�	Z�ZS)�InvalidJWSOperationz�Invalid JWS Object.

    This exception is raised when a requested operation cannot
    be execute due to unsatisfied conditions.
    Ncs:d}|r|}nd}|r&|dt|�7}tt|�j|�dS)NzUnknown Operation Failurez {%s})rrr(r)rrrr)rr r!rJszInvalidJWSOperation.__init__)NN)r"r#r$r%rr&r r )rr!r(Csr(c@s2eZdZdZddd�Zdd�Zdd�Zd	d
�ZdS)�JWSCorez�The inner JWS Core object.

    This object SHOULD NOT be used directly, the JWS object should be
    used instead as JWS perform necessary checks on the validity of
    the object and requested operations.

    NcCsl||_|j||�|_t|t�s&td��||_|dk	rXt|t�rFt|�}t	|j
d��|_nd|_t	|�|_dS)a�Core JWS token handling.

        :param alg: The algorithm used to produce the signature.
            See RFC 7518
        :param key: A (:class:`jwcrypto.jwk.JWK`) key of appropriate
            type for the "alg" provided in the 'protected' json string.
        :param header: A JSON string representing the protected header.
        :param payload(bytes): An arbitrary value
        :param algs: An optional list of allowed algorithms

        :raises ValueError: if the key is not a :class:`JWK` object
        :raises InvalidJWAAlgorithm: if the algorithm is not valid, is
            unknown or otherwise not yet implemented.
        zkey is not a JWK objectNzutf-8�)
r�_jwa�engine�
isinstancer�
ValueError�key�dictrr�encode�	protected�payload)rrr/�headerr3�algsr r r!r^s

zJWSCore.__init__cCs&|dkrt}||krtd��tj|�S)NzAlgorithm not allowed)�default_allowed_algsr(rZsigning_alg)r�nameZallowedr r r!r+{s
zJWSCore._jwacCs<dj|j|jg�jd�}|jj|j|�}|j|jt|�d�S)zGenerates a signature�.zutf-8)r2r3�	signature)�joinr2r3r1r,�signr/r)r�siginr9r r r!r;�s
zJWSCore.signcCsdy.dj|j|jg�jd�}|jj|j||�Wn0tk
r^}ztdt	|���WYdd}~XnXdS)z^Verifies a signature

        :raises InvalidJWSSignature: if the verification fails.
        r8zutf-8zVerification failedNT)
r:r2r3r1r,�verifyr/�	Exceptionr�repr)rr9r<�er r r!r=�s zJWSCore.verify)N)r"r#r$r%rr+r;r=r r r r!r)Us

r)c@s�eZdZdZddd�Zdd�Zedd��Zejd	d��Zed
d��Z	dd
�Z
ddd�Zddd�Zd dd�Z
d!dd�Zd"dd�Zedd��Zedd��ZdS)#�JWSzFJSON Web Signature object

    This object represent a JWS token.
    NcCs&t�|_|r||jd<d|_d|_dS)z]Creates a JWS object.

        :param payload(bytes): An arbitrary value (optional).
        r3N)r0�objects�	verifylog�
_allowed_algs)rr3r r r!r�s

zJWS.__init__cCs@x:|D]2}|tkr td|��qt|dstd|��qWdS)NzUnknown critical header: "%s"�z!Unsupported critical header: "%s")�JWSHeaderRegistryr)rr�kr r r!�_check_crit�s

zJWS._check_critcCs|jr|jStSdS)z�Allowed algorithms.

        The list of allowed algorithms.
        Can be changed by setting a list of algorithm names.
        N)rDr6)rr r r!�allowed_algs�szJWS.allowed_algscCst|t�std��||_dS)NzAllowed Algs must be a list)r-�list�	TypeErrorrD)rr5r r r!rI�s
cCs|jjdd�S)N�validF)rB�get)rr r r!�is_valid�szJWS.is_validcCs8x(t|j��D]}||krtd|��qW|j|�|S)NzDuplicate header: "%s")rJ�keysr'�update)rZh1Zh2rGr r r!�_merge_headers�s

zJWS._merge_headersc
Cs�|dk	rt|�}nt�}t|t�s*td��|rLt|t�s@td��|j||�}d|krb|j|d�|dkrzd|krztd��|r�d|kr�||dkr�td||df��|}n|d}t|||||j�}	|	j|�dS)NzInvalid Protected headerzInvalid Unprotected headerrrzNo "alg" in headersz*"alg" mismatch, requested "%s", found "%s")	rr0r-rrQrHr)rDr=)
rrr/r3r9r2r4�p�a�cr r r!�_verify�s,


zJWS._verifycCsHt�|_d|jd<|j}d|kr�y8|j|||d|d|jdd�|jdd��d|d<Wn6tk
r�}z|jjd	t|��WYdd}~XnXn�d
|k�r"x�|d
D]v}y8|j|||d|d|jdd�|jdd��d|d<Wq�tk
�r}z|jjd	t|��WYdd}~Xq�Xq�Wntd��|j	�sDtdt|j���dS)
a=Verifies a JWS token.

        :param key: The (:class:`jwcrypto.jwk.JWK`) verification key.
        :param alg: The signing algorithm (optional). usually the algorithm
            is known as it is provided with the JOSE Headers of the token.

        :raises InvalidJWSSignature: if the verification fails.
        FrLr9r3r2Nr4TzFailed: [%s]�
signatureszNo signatures availblez&Verification failed for all signatures)
rJrCrBrUrMr>�appendr?rrN)rr/r�objr@�or r r!r=�s8


(

,z
JWS.verifycCs�t�|_t�}�y�y�t|�}tt|d��|d<d|kr�t�|d<x�|dD]f}t�}tt|d��|d<d|kr�tt|d��}|jd�|d<d|kr�|d|d<|dj|�qLWnPtt|d��|d<d|kr�tt|d��}|jd�|d<d|k�r|d|d<Wn�tk
�r�|j	d�}	t
|	�dk�r<td	��tt|	d
��}t
|�d
k�rh|jd�|d<tt|	d��|d<tt|	d��|d<YnX||_Wn2tk
�r�}
ztd
t
|
���WYdd}
~
XnX|�r�|j||�dS)a�Deserialize a JWS token.

        NOTE: Destroys any current status and tries to import the raw
        JWS provided.

        :param raw_jws: a 'raw' JWS token (JSON Encoded or Compact
         notation) string.
        :param key: A (:class:`jwcrypto.jwk.JWK`) verification key (optional).
         If a key is provided a verification step will be attempted after
         the object is successfully deserialized.
        :param alg: The signing algorithm (optional). usually the algorithm
         is known as it is provided with the JOSE Headers of the token.

        :raises InvalidJWSObject: if the raw object is an invaid JWS token.
        :raises InvalidJWSSignature: if the verification fails.
        r3rVr9r2zutf-8r4r8�zUnrecognized representationrrE�zInvalid formatN)r0rBrrrrJ�decoderWr.�split�lenr'r>r?r=)rZraw_jwsr/rrYZdjws�s�osrRrTr@r r r!�deserializesJ



 zJWS.deserializecCs�|jjdd�std��t�}|rPt|t�r2t|�}t|�}d|krP|j|d�|rzt|t�rft|�}t|�}|j||�}d|kr�|dkr�|d}n||dkr�t	d��|dkr�t	d��t
||||jd�}|j�}t�}	t|d�|	d<|r�||	d	<|�r||	d
<d|	d<d
|jk�r*|jd
j
|	�n�d|jk�r�t�|jd
<t�}
|jjd�|
d<d	|jk�rt|jjd	�|
d	<d
|jk�r�|jjd
�|
d
<d|jk�r�|jjd�|
d<|jd
j
|
�|jd
j
|	�n|jj|	�dS)a!Adds a new signature to the object.

        :param key: A (:class:`jwcrypto.jwk.JWK`) key of appropriate for
         the "alg" provided.
        :param alg: An optional algorithm name. If already provided as an
         element of the protected or unprotected header it can be safely
         omitted.
        :param potected: The Protected Header (optional)
        :param header: The Unprotected Header (optional)

        :raises InvalidJWSObject: if no payload has been set on the object.
        :raises ValueError: if the key is not a :class:`JWK` object.
        :raises ValueError: if the algorithm is missing or is not provided
         by one of the headers.
        :raises InvalidJWAAlgorithm: if the algorithm is not valid, is
         unknown or otherwise not yet implemented.
        r3NzMissing PayloadrrzF"alg" value mismatch, specified "alg" does not match JOSE header valuez"alg" not specifiedr9r2r4TrLrV)rBrMr'r0r-rrrHrQr.r)r;rrWrJ�poprP)rr/rr2r4rR�hrT�sigrY�nr r r!�
add_signatureZsZ


zJWS.add_signatureFcCs�|r�d|jkrtd��d|jkr(td��|jjdd�s>td��d|jkrXt|jd�}nd	}d
j|t|jd�t|jd�g�S|j}d|kr�|jdd�s�td��t|d�t|d�d�}d|kr�t|d�|d<d
|kr�|d
|d
<n�d|k�r�t|d�t�d�}xr|dD]f}|jdd��s(�qdt|d�i}d|k�rRt|d�|d<d
|k�rh|d
|d
<|dj|��qWt|d�dk�r�td��ntd��t	|�SdS)a�Serializes the object into a JWS token.

        :param compact(boolean): if True generates the compact
         representation, otherwise generates a standard JSON format.

        :raises InvalidJWSOperation: if the object cannot serialized
         with the compact representation and `compat` is True.
        :raises InvalidJWSSignature: if no signature has been added
         to the object, or no valid signature can be found.
        rVz3Can't use compact encoding with multiple signaturesr9zNo available signaturerLFzNo valid signature foundr2r*r8r3)r3r9r4)r3rVrN)
rBr(rrMrr:rJrWr^r)rZcompactr2rXrdrYr_r r r!�	serialize�sN









z
JWS.serializecCs*d|jkrtd��|js td��|jdS)Nr3zPayload not availablezPayload not verified)rBr(rN)rr r r!r3�s

zJWS.payloadcCs�|j}d|krNt�}d|kr4t|d�}|j||�}|j||jdt���}|Sd|jkr�t�}xV|dD]J}t�}d|kr�t|d�}|j||�}|j||jdt���}|j|�qhW|Std��dS)Nr9r2r4rVzJOSE Header(s) not available)rBr0rrQrMrJrWr()rrXZjhrRZjhlrYr r r!�jose_header�s&
zJWS.jose_header)N)N)N)NN)NNN)F)r"r#r$r%rrH�propertyrI�setterrNrQrUr=rarfrgr3rhr r r r!rA�s



"
+
<
K
8rAN)r	T)r
F)rF)rT)r
F)rF)rF)rF)rT)rT)rT)Zjwcrypto.commonrrrrrZjwcrypto.jwarZjwcrypto.jwkrrFr6rr'r(�objectr)rAr r r r!�<module>s2
B