o Mf&@sdZddlZddlmZddlmZddlmZddlm Z ddl Zddl m Z ddl mZd ZeZe ZeZGd d d ejZGd d d ejejZdS)zRSA verifier and signer that use the ``cryptography`` library. This is a much faster implementation than the default (in ``google.auth.crypt._python_rsa``), which depends on the pure-Python ``rsa`` library. N)backends)hashes) serialization)padding)_helpers)bases-----BEGIN CERTIFICATE-----c@s8eZdZdZddZeejddZ e ddZ dS) RSAVerifierzVerifies RSA cryptographic signatures using public keys. Args: public_key ( cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey): The public key used to verify signatures. cCs ||_dSN)_pubkey)self public_keyr e/var/www/html/analyze/labelStudio/lib/python3.10/site-packages/google/auth/crypt/_cryptography_rsa.py__init__/s zRSAVerifier.__init__c Cs@t|}z |j||ttWdSttjj fyYdSw)NTF) rto_bytesr verify_PADDING_SHA256 ValueError cryptography exceptionsInvalidSignature)r message signaturer r rr2s zRSAVerifier.verifycCsDt|}t|vrtj|t}|}||St |t}||S)ayConstruct an Verifier instance from a public key or public certificate string. Args: public_key (Union[str, bytes]): The public key in PEM format or the x509 public key certificate. Returns: Verifier: The constructed verifier. Raises: ValueError: If the public key can't be parsed. ) rr_CERTIFICATE_MARKERrx509load_pem_x509_certificate_BACKENDr rload_pem_public_key)clsr public_key_datacertpubkeyr r r from_string;s  zRSAVerifier.from_stringN) __name__ __module__ __qualname____doc__rrcopy_docstringrVerifierr classmethodr#r r r rr&s  rc@sdeZdZdZdddZeeej ddZ eej ddZ e dd d Z d d Zd dZdS) RSASigneraSigns messages with an RSA private key. Args: private_key ( cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey): The private key to sign with. key_id (str): Optional key ID used to identify this private key. This can be useful to associate the private key with its associated public key or certificate. NcCs||_||_dSr )_key_key_id)r private_keykey_idr r rrds zRSASigner.__init__cCs|jSr )r-)r r r rr/hszRSASigner.key_idcCst|}|j|ttSr )rrr,signrr)r rr r rr0ms zRSASigner.signcCs&t|}tj|dtd}|||dS)alConstruct a RSASigner from a private key in PEM format. Args: key (Union[bytes, str]): Private key in PEM format. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt._cryptography_rsa.RSASigner: The constructed signer. Raises: ValueError: If ``key`` is not ``bytes`` or ``str`` (unicode). UnicodeDecodeError: If ``key`` is ``bytes`` but cannot be decoded into a UTF-8 ``str``. ValueError: If ``cryptography`` "Could not deserialize key data." N)passwordbackend)r/)rrrload_pem_private_keyr)rkeyr/r.r r rr#rs  zRSASigner.from_stringcCs0|j}|jjtjjtjjt d|d<|S)z1Pickle helper that serializes the _key attribute.)encodingformatencryption_algorithmr,) __dict__copyr, private_bytesrEncodingPEM PrivateFormatPKCS8 NoEncryptionr stater r r __getstate__s  zRSASigner.__getstate__cCs$t|dd|d<|j|dS)z3Pickle helper that deserializes the _key attribute.r,N)rr3r8updater@r r r __setstate__szRSASigner.__setstate__r )r$r%r&r'rpropertyrr(rSignerr/r0r*r#rBrDr r r rr+Xs       r+)r'cryptography.exceptionsrcryptography.hazmatrcryptography.hazmat.primitivesrr)cryptography.hazmat.primitives.asymmetricrcryptography.x509 google.authrgoogle.auth.cryptrrdefault_backendrPKCS1v15rSHA256rr)rrFFromServiceAccountMixinr+r r r rs      2