U dZdTe j?dAdBdZ@ej,e=e j?dCdDdZAedEdFGdGddZBe jCdHdIdJZDdKdLZEe jFe jGdMdNdZHe jFeBdMdOdZIejJfeeeKe=e eKeLfdPdQd!ZMdS)Ua General tools related to Cryptographic Message Syntax (CMS) signatures, not necessarily to the extent implemented in the PDF specification. CMS is defined in :rfc:`5652`. To parse CMS messages, pyHanko relies heavily on `asn1crypto `_. N) dataclass)IOIterableListTupleUnion)algoscmstspx509)SignedDigestAlgorithm)hashes serialization)padding) RSAPublicKey) Prehashed)*)miscsimple_cms_attributefind_cms_attributefind_unique_cms_attributeNonexistentAttributeErrorMultivaluedAttributeError SigningErrorUnacceptableSignerErrorSignedDataCertsextract_signer_infoextract_certificate_infoget_cms_hash_algo_for_mechanismget_pyca_cryptography_hash&get_pyca_cryptography_hash_for_signingoptimal_pss_paramsprocess_pss_paramsas_signing_certificateas_signing_certificate_v2match_issuer_serialcheck_ess_certidCMSExtractionErrorbyte_range_digestValueErrorWithMessageCMSStructuralErrorZload_cert_from_pemderZload_certs_from_pemderZload_certs_from_pemder_dataZload_private_key_from_pemderZ!load_private_key_from_pemder_datacs eZdZdZfddZZS)r)z Value error with a failure message attribute that can be conveniently extracted, instead of having to rely on extracting exception args generically. cst||_t|dSN)strfailure_messagesuper__init__)selfr- __class__8/tmp/pip-unpacked-wheel-w101_d3s/pyhanko/sign/general.pyr/Bs zValueErrorWithMessage.__init__)__name__ __module__ __qualname____doc__r/ __classcell__r3r3r1r4r);sc@seZdZdZdS)r*z!Structural error in a CMS object.Nr5r6r7r8r3r3r3r4r*Gsc@s eZdZdS)r'Nr5r6r7r3r3r3r4r'KscCstt||fdS)a Convenience method to quickly construct a CMS attribute object with one value. :param attr_type: The attribute type, as a string or OID. :param value: The value. :return: A :class:`.cms.CMSAttribute` object. )typevalues)r Z CMSAttributeZCMSAttributeType)Z attr_typevaluer3r3r4rOs c@s eZdZdS)rNr;r3r3r3r4r`sc@s eZdZdS)rNr;r3r3r3r4rdscCs`d}|r@|D]2}|dj|kr |dk r6td|d|d}q |dk rL|Std|ddS)a Find and return CMS attribute values of a given type. .. note:: This function will also check for duplicates, but not in the sense of multivalued attributes. In other words: multivalued attributes are allowed; listing the same attribute OID more than once is not. :param attrs: The :class:`.cms.CMSAttributes` object. :param name: The attribute type as a string (as defined in ``asn1crypto``). :return: The values associated with the requested type, if present. :raise NonexistentAttributeError: Raised when no such type entry could be found in the :class:`.cms.CMSAttributes` object. :raise CMSStructuralError: Raised if the given OID occurs more than once. Nr<z Attribute z was duplicatedr=zUnable to locate attribute .)nativer*r)attrsnameZ found_valuesattrr3r3r4rhs  cCs8t||}t|dkr0td|dt|d|dS)a  Find and return a unique CMS attribute value of a given type. :param attrs: The :class:`.cms.CMSAttributes` object. :param name: The attribute type as a string (as defined in ``asn1crypto``). :return: The value associated with the requested type, if present. :raise NonexistentAttributeError: Raised when no such type entry could be found in the :class:`.cms.CMSAttributes` object. :raise MultivaluedAttributeError: Raised when the attribute's cardinality is not 1. zExpected single-valued z attribute, but found z valuesr)rlenr)rArBr=r3r3r4rs   )certreturnc CsFtdtt|td|j ig|ddddgiS)a Format an ASN.1 ``SigningCertificate`` object, where the certificate is identified by its SHA-1 digest. :param cert: An X.509 certificate. :return: A :class:`tsp.SigningCertificate` object referring to the original certificate. certsdirectory_nametbs_certificate serial_numberissuerrK) cert_hash issuer_serial) r SigningCertificate ESSCertIDhashlibsha1dumpdigestr GeneralNamerM)rFr3r3r4r#s" sha256c Csft|}t|}|||}tdtd|i|t d|j ig|ddddgiS)a Format an ASN.1 ``SigningCertificateV2`` value, where the certificate is identified by the hash algorithm specified. :param cert: An X.509 certificate. :param hash_algo: Hash algorithm to use to digest the certificate. Default is SHA-256. :return: A :class:`tsp.SigningCertificateV2` object referring to the original certificate. rH algorithmrIrJrKrL)hash_algorithmrNrO) rr HashupdaterTfinalizer SigningCertificateV2 ESSCertIDv2r rVrM)rF hash_algo hash_specmd digest_valuer3r3r4r$s, )rFcertidcCsvt|tjrd}n|ddj}t|}t|}||| }|dj}||kr^dS|d}| ptt ||S)a Match an ``ESSCertID`` value against a certificate. :param cert: The certificate to match against. :param certid: The ``ESSCertID`` value. :return: ``True`` if the ``ESSCertID`` matches the certificate, ``False`` otherwise. rSrYrXrNFrO) isinstancer rQr@rr rZr[rTr\r%)rFrcr_r`rarbZexpected_digest_valueexpected_issuer_serialr3r3r4r&s   )rerFrGcCs|dd}|d}t|tjrHt|dks:|djdkr>dS|dj}z ||jkpd||jk}Wntk rd}YnX|o|d|kS)a~ Match the issuer and serial number of an X.509 certificate against some expected identifier. :param expected_issuer_serial: A certificate identifier, either :class:`cms.IssuerAndSerialNumber` or :class:`tsp.IssuerSerial`. :param cert: An :class:`x509.Certificate`. :return: ``True`` if there's a match, ``False`` otherwise. rJrKrMrDrrIF) rdr GeneralNamesrErBchosenrTrM ValueError)rerFZ serial_asn1Zexpected_issuerZ issuer_matchr3r3r4r%s"      cs&eZdZdZedfdd ZZS)rz1 Error encountered while signing a file. )msgcs||_tj|f|dSr+)rir.r/)r0riargsr1r3r4r/QszSigningError.__init__)r5r6r7r8r,r/r9r3r3r1r4rLsc@seZdZdZdS)rz= Error raised when a signer was judged unacceptable. Nr:r3r3r3r4rVs)rGcCs,|dkrtjddStt|SdS)N)shake256Z shake256_len@) digest_size)lowerr SHAKE256getattrupperrXr3r3r4r^s  FcCst|}|rt|S|Sr+)rr)rX prehashedr_r3r3r4r gs)mechrGcCs(|j}|dkrdS|dkrdS|jSdS)a% Internal function that takes a :class:`.SignedDigestAlgorithm` instance and returns the name of the digest algorithm that has to be used to compute the ``messageDigest`` attribute. :param mech: A signature mechanism. :return: A digest algorithm name. ed25519sha512ed448rkN)Zsignature_algor_)rtZsig_algor3r3r4rns )paramsc Cs|d}|dj}||kr8td|d|d|d}|djdksVtd|d dj}||krtd |d |d |d j}t|}t||d} tj tj |d|d} | | fS)zs Extract PSS padding settings and message digest from an ``RSASSAPSSParams`` value. Internal API. rYrXzPSS MD 'z ' must agree with signature MD 'z'.mask_gen_algorithmmgf1zOnly MFG1 is supported parameterszMessage digest for MGF1 is z", and the one used for signing is zL. If these do not agree, some software may refuse to validate the signature. salt_length)rsrr)mgfr|) r@casefoldrhNotImplementedErrorloggerwarningrr rPSSMGF1) rxdigest_algorithmrsr_Zmd_nameZmgaZ mgf_md_nameZsalt_lenZmgf_mdraZ pss_paddingr3r3r4r"s,     )rFrrGc Csz|}t|j}t|ts4tdt|t |}t ||}t t d|it dt d|id|dS)a" Figure out the optimal RSASSA-PSS parameters for a given certificate. The subject's public key must be an RSA key. :param cert: An RSA X.509 certificate. :param digest_algorithm: The digest algorithm to use. :return: RSASSA-PSS parameters. z&Expected RSA key, but got key of type rXrz)rXr{)rYryr|)rnrload_der_public_key public_keyrTrdrrr<rrcalculate_max_pss_salt_lengthrRSASSAPSSParamsZDigestAlgorithmZMaskGenAlgorithm)rFrkeyraZoptimal_salt_lenr3r3r4r!s(  T)frozenc@s8eZdZUdZejed<eejed<eej ed<dS)rzT Value type to describe certificates included in a CMS signed data payload. signer_cert other_certsattribute_certsN) r5r6r7r8r Certificate__annotations__rr ZAttributeCertificateV2r3r3r3r4rs  sidcsFjdkrfddSjdkr>jjtdfddStdS)NZissuer_and_serial_numbercs tj|Sr+)r%rgcrr3r4z'_get_signer_predicate..Zsubject_key_identifierzThe signature in this SignedData value seems to be identified by a subject key identifier --- this is legal in CMS, but many PDF viewers and SDKs do not support this feature.cs |jkSr+)key_identifierr)skir3r4rr)rBrgr@rrrrr3)rrr4_get_signer_predicates    rcCsNt|d}d}g}|D]}||r*|}q||q|dkrFtd||fS)Nrz,signer certificate not included in signature)rappendr')rH signer_info predicaterFrrr3r3r4_partition_certss  r) signed_datarGcCs2z|d\}|WStk r,tdYnXdS)a5 Extract the unique ``SignerInfo`` entry of a CMS signed data value, or throw a ``ValueError``. :param signed_data: A CMS ``SignedData`` value. :return: A CMS ``SignerInfo`` value. :raises ValueError: If the number of ``SignerInfo`` values is not exactly one. Z signer_infosz-signer_infos should contain exactly one entryN)rhr')rrr3r3r4r s  c Csrg}g}|dD]8}|j}|jdkr4||q|jdkr||qt|}t||\}}t|||d}|S)a Extract and classify embedded certificates found in the ``certificates`` field of the signed data value. :param signed_data: A CMS ``SignedData`` value. :return: A :class:`SignedDataCerts` object containing the embedded certificates. certificates certificateZ v2_attr_cert)rrr)rgZuntagrBrrrr) rrHZ attr_certsrrFrrrZ cert_infor3r3r4r"s       )stream byte_range md_algorithmrGc Csbt|}t|}d}t|}t|D],\}} ||tj|||| d|| 7}q(||fS)a  Internal API to compute byte range digests. Potentially dangerous if used without due caution. :param stream: Stream over which to compute the digest. Must support seeking and reading. :param byte_range: The byte range, as a list of (offset, length) pairs, flattened. :param md_algorithm: The message digest algorithm to use. :param chunk_size: The I/O chunk size to use. :return: A tuple of the total digested length, and the actual digest. r)Zmax_read) rr rZ bytearrayrZ pair_iterseekZchunked_digestr\) rrr chunk_sizeZmd_specraZ total_lenZ chunk_bufloZ chunk_lenr3r3r4r(?s   )rW)F)F)Nr8rRlogging dataclassesrtypingrrrrrZ asn1cryptorr r r Zasn1crypto.algosr Zcryptography.hazmat.primitivesr r)cryptography.hazmat.primitives.asymmetricrZ-cryptography.hazmat.primitives.asymmetric.rsarZ/cryptography.hazmat.primitives.asymmetric.utilsrZ pyhanko.keysZpyhanko.pdf_utilsr__all__ getLoggerr5rrhr)r*r'rKeyErrorrrrrrrPr#r]r$rQr^r&ZIssuerAndSerialNumberZ IssuerSerialboolr%rr HashAlgorithmrr r,rrr"r!rZSignerIdentifierrrZ SignedDataZ SignerInforrZDEFAULT_CHUNK_SIZEintbytesr(r3r3r3r4s        &$ / ! 4    ( )!