o e|@sddlZddlmZmZmZmZddlmZmZgdZ dddZ Gdd d e Z Gd d d e Z Gd d d e ZGddde ZGddde ZGddde ZGddde ZGddde ZGddde ZdS)N) byte_stringbbchrbord) long_to_bytes bytes_to_long) DerObject DerIntegerDerOctetStringDerNull DerSequence DerObjectId DerBitStringDerSetOfFcCs4d}z||}Wn tyYdSw| p|dkS)NrF) TypeError)xonly_non_negativetestr6/usr/lib/python3/dist-packages/Cryptodome/Util/asn1.py _is_number!s  rc@s@eZdZdZddZddZddZdd Zd d Zd d Z dS) BytesIO_EOFzeThis class differs from BytesIO in that a ValueError exception is raised whenever EOF is reached.cCs||_d|_d|_dSNr)_buffer_index _bookmark)self initial_bytesrrr__init__.s zBytesIO_EOF.__init__cCs |j|_dSN)rrrrrr set_bookmark3 zBytesIO_EOF.set_bookmarkcCs |jdusJ|j|j|jSr)rrrr rrrdata_since_bookmark6szBytesIO_EOF.data_since_bookmarkcCst|j|jSr)lenrrr rrrremaining_data:zBytesIO_EOF.remaining_datacCsH|j|}|t|jkrtd|t|jf|j|j|}||_|S)Nz@Not enough data for DER decoding: expected %d bytes and found %d)rr$r ValueError)rlength new_indexresultrrrread=s zBytesIO_EOF.readcCst|ddS)Nr)rr+r rrr read_byteFzBytesIO_EOF.read_byteN) __name__ __module__ __qualname____doc__rr!r#r%r+r-rrrrr*s rc@sTeZdZdZ  dddZddZed d Zd d Zd dZ dddZ ddZ dS)rzpBase class for defining a single DER object. This class should never be directly instantiated. NFcCs|dur d|_dS||}||_d||fvrtd|dur-dd|B||B|_dS|durBd||B|_d||B|_dSd||B|_dS)aInitialize the DER object according to a specific ASN.1 type. :Parameters: asn1Id : integer The universal DER tag number for this object (e.g. 0x10 for a SEQUENCE). If None, the tag is not known yet. payload : byte string The initial payload of the object (that it, the content octets). If not specified, the payload is empty. implicit : integer The IMPLICIT tag number to use for the encoded object. It overrides the universal tag *asn1Id*. constructed : bool True when the ASN.1 type is *constructed*. False when it is *primitive*. explicit : integer The EXPLICIT tag number to use for the encoded object. Nz1Explicit and implicit tags are mutually exclusive ) _tag_octet _convertTagpayloadr'_inner_tag_octet)rasn1Idr9implicit constructedexplicitrrrrPs  zDerObject.__init__cCsPt|st|dkrt|d}t|r"d|kr!dks&tdtd|S)zvCheck if *tag* is a real DER tag. Convert it from a character to number if necessary. r,rz Wrong DER tag)rr$rr')rtagrrrr8s  zDerObject._convertTagcCs,|dkrt|}tt|d|St|S)zXBuild length octets according to BER/DER definite form. r4)rrr$)r(encodingrrr_definite_formszDerObject._definite_formcCsL|j}t|drt|j|t|j|j}t|j|t||S)z?Return this DER element, fully encoded as a binary byte string.r:)r9hasattrrr:rCr$r7)routput_payloadrrrencodes  zDerObject.encodecCsR|}|dkr'||d@}t|ddkrtdt|}|dkr'td|S)z%Decode DER length octets from a file.rArz$Invalid DER: length has leading zeroz5Invalid DER: length in long form but smaller than 128)r-r+rr'r)rsr(encoded_lengthrrr _decodeLenszDerObject._decodeLencCs<t|stdt|}||||dkrtd|S)aDecode a complete DER element, and re-initializes this object with it. Args: der_encoded (byte string): A complete DER element. Raises: ValueError: in case of parsing errors. zInput is not a byte stringr-Unexpected extra data after the DER structure)rr'r_decodeFromStreamr%)r der_encodedstrictrGrrrdecodes   zDerObject.decodecCs|}|jdur||jkrtdn||_||}|||_t|drMt|j}|}||jkr8td||}|||_| dkrOtddSdS)z*Decode a complete DER element from a file.NzUnexpected DER tagr:zUnexpected internal DER tagrrJ) r-r7r'rIr+r9rDrr:r%)rrGrMidOctetr(p inner_octetrrrrKs&           zDerObject._decodeFromStream)Nr3NFNF) r/r0r1r2rr8 staticmethodrCrFrIrNrKrrrrrJs ?    rc@4eZdZdZd ddZddZdd d Zd d ZdS)r aClass to model a DER INTEGER. An example of encoding is:: >>> from Cryptodome.Util.asn1 import DerInteger >>> from binascii import hexlify, unhexlify >>> int_der = DerInteger(9) >>> print hexlify(int_der.encode()) which will show ``020109``, the DER encoding of 9. And for decoding:: >>> s = unhexlify(b'020109') >>> try: >>> int_der = DerInteger() >>> int_der.decode(s) >>> print int_der.value >>> except ValueError: >>> print "Not a valid DER INTEGER" the output will be ``9``. :ivar value: The integer value :vartype value: integer rNcCt|dd|d|||_dS)aUInitialize the DER object as an INTEGER. :Parameters: value : integer The value of the integer. implicit : integer The IMPLICIT tag to use for the encoded object. It overrides the universal tag for INTEGER (2). r3FNrrvaluerrXr<r>rrrrs  zDerInteger.__init__cCs||j}d|_ tt|d@|j|_d|krdkr'nntd|j|_d|kr1dkr4nnn|dL}qt|S)zIReturn the DER INTEGER, fully encoded as a binary string.r3Tr4ri)rXr9rintrrF)rnumberrrrrF%s zDerInteger.encodeFcCstj|||dS)a!Decode a complete DER INTEGER DER, and re-initializes this object with it. Args: der_encoded (byte string): A complete INTEGER DER element. Raises: ValueError: in case of parsing errors. rMrrNrrLrMrrrrN4s zDerInteger.decodecCst||||r.t|jdkrtdt|jdkr.td|jddddkr.tdd|_d}|jD]}|jd 9_|jt|7_|d K}q6|jrbt|jdd@rd|j|8_dSdSdS) z*Decode a complete DER INTEGER from a file.rz/Invalid encoding for DER INTEGER: empty payloadrVz>HNr4z.Invalid encoding for DER INTEGER: leading zeror,r[) rrKr$r9r'structunpackrXr)rrGrMbitsirrrrKAs,  zDerInteger._decodeFromStream)rNNrRr/r0r1r2rrFrNrKrrrrr s    r c@seZdZdZd#ddZddZddZd d Zd d Zd dZ ddZ ddZ ddZ ddZ d$ddZd$ddZddZd%dd Zd!d"ZdS)&r aClass to model a DER SEQUENCE. This object behaves like a dynamic Python sequence. Sub-elements that are INTEGERs behave like Python integers. Any other sub-element is a binary string encoded as a complete DER sub-element (TLV). An example of encoding is: >>> from Cryptodome.Util.asn1 import DerSequence, DerInteger >>> from binascii import hexlify, unhexlify >>> obj_der = unhexlify('070102') >>> seq_der = DerSequence([4]) >>> seq_der.append(9) >>> seq_der.append(obj_der.encode()) >>> print hexlify(seq_der.encode()) which will show ``3009020104020109070102``, the DER encoding of the sequence containing ``4``, ``9``, and the object with payload ``02``. For decoding: >>> s = unhexlify(b'3009020104020109070102') >>> try: >>> seq_der = DerSequence() >>> seq_der.decode(s) >>> print len(seq_der) >>> print seq_der[0] >>> print seq_der[:] >>> except ValueError: >>> print "Not a valid DER SEQUENCE" the output will be:: 3 4 [4, 9, b''] NcCs.t|dd|d|durg|_dS||_dS)aInitialize the DER object as a SEQUENCE. :Parameters: startSeq : Python sequence A sequence whose element are either integers or other DER objects. implicit : integer The IMPLICIT tag to use for the encoded object. It overrides the universal tag for SEQUENCE (16). r3TN)rr_seq)rstartSeqr<rrrrs   zDerSequence.__init__cCs |j|=dSrrhrnrrr __delitem__r"zDerSequence.__delitem__cC |j|Srrjrkrrr __getitem__ zDerSequence.__getitem__cCs||j|<dSrrj)rkeyrXrrr __setitem__szDerSequence.__setitem__cCs||j||<dSrrj)rrejsequencerrr __setslice__r.zDerSequence.__setslice__cCs|j||=dSrrjrrersrrr __delslice__r&zDerSequence.__delslice__cCs|jtd|td|Sr)rhmaxrvrrr __getslice__szDerSequence.__getslice__cC t|jSrr$rhr rrr__len__rpzDerSequence.__len__cC|j||Srrhappendritemrrr__iadd__ zDerSequence.__iadd__cCr}rr~rrrrrrzDerSequence.appendTcsfdd|jD}t|S)zReturn the number of items in this sequence that are integers. Args: only_non_negative (boolean): If ``True``, negative integers are not counted in. csg|] }t|r|qSr)r.0rrrr sz'DerSequence.hasInts..)rhr$)rritemsrrrhasIntss zDerSequence.hasIntscCs|jo ||t|jkS)aReturn ``True`` if all items in this sequence are integers or non-negative integers. This function returns False is the sequence is empty, or at least one member is not an integer. Args: only_non_negative (boolean): If ``True``, the presence of negative integers causes the method to return ``False``.)rhrr$)rrrrr hasOnlyIntss zDerSequence.hasOnlyIntscCsfd|_|jD]'}t|r|j|7_qt|r$|jt|7_q|j|7_qt|S)zReturn this DER SEQUENCE, fully encoded as a binary string. Raises: ValueError: if some elements in the sequence are neither integers nor byte strings. r3)r9rhrrr rFrrrrrrFs  zDerSequence.encodeFcCs.||_tj|||d}|r|std|S)a9Decode a complete DER SEQUENCE, and re-initializes this object with it. Args: der_encoded (byte string): A complete SEQUENCE DER element. nr_elements (None or integer or list of integers): The number of members the SEQUENCE can have only_ints_expected (boolean): Whether the SEQUENCE is expected to contain only integers. strict (boolean): Whether decoding must check for strict DER compliancy. Raises: ValueError: in case of parsing errors. DER INTEGERs are decoded into Python integers. Any other DER element is not decoded. Its validity is not checked. r^zSome members are not INTEGERs) _nr_elementsrrNrr')rrLrM nr_elementsonly_ints_expectedr*rrrrNs  zDerSequence.decodecCsg|_t|||t|j}|dkrK|t}||||jdkr0|j| nt }| }|j ||d|j|j |dksd}|j durnz t|j|j v}Wntymt|j|j k}Ynw|sytdt|jdS)z+Decode a complete DER SEQUENCE from a file.rrVr^TNz1Unexpected number of members (%d) in the sequence)rhrrKrr9r%r!r7rr#r rNrXrr$rr')rrGrMrPderderIntdataokrrrrKs4       zDerSequence._decodeFromStreamNN)T)FNF)r/r0r1r2rrmrorrrurwryr|rrrrrFrNrKrrrrr Xs" *    r c@seZdZdZdddZdS)r aClass to model a DER OCTET STRING. An example of encoding is: >>> from Cryptodome.Util.asn1 import DerOctetString >>> from binascii import hexlify, unhexlify >>> os_der = DerOctetString(b'\xaa') >>> os_der.payload += b'\xbb' >>> print hexlify(os_der.encode()) which will show ``0402aabb``, the DER encoding for the byte string ``b'\xAA\xBB'``. For decoding: >>> s = unhexlify(b'0402aabb') >>> try: >>> os_der = DerOctetString() >>> os_der.decode(s) >>> print hexlify(os_der.payload) >>> except ValueError: >>> print "Not a valid DER OCTET STRING" the output will be ``aabb``. :ivar payload: The content of the string :vartype payload: byte string r3NcCst|d||ddS)ahInitialize the DER object as an OCTET STRING. :Parameters: value : byte string The initial payload of the object. If not specified, the payload is empty. implicit : integer The IMPLICIT tag to use for the encoded object. It overrides the universal tag for OCTET STRING (4). FNrr)rrXr<rrrrAs zDerOctetString.__init__)r3Nr/r0r1r2rrrrrr #sr c@seZdZdZddZdS)r z"Class to model a DER NULL element.cCst|dddddS)z$Initialize the DER object as a NULL.r3NFrr rrrrSszDerNull.__init__Nrrrrrr Ps r c@rT)r a,Class to model a DER OBJECT ID. An example of encoding is: >>> from Cryptodome.Util.asn1 import DerObjectId >>> from binascii import hexlify, unhexlify >>> oid_der = DerObjectId("1.2") >>> oid_der.value += ".840.113549.1.1.1" >>> print hexlify(oid_der.encode()) which will show ``06092a864886f70d010101``, the DER encoding for the RSA Object Identifier ``1.2.840.113549.1.1.1``. For decoding: >>> s = unhexlify(b'06092a864886f70d010101') >>> try: >>> oid_der = DerObjectId() >>> oid_der.decode(s) >>> print oid_der.value >>> except ValueError: >>> print "Not a valid DER OBJECT ID" the output will be ``1.2.840.113549.1.1.1``. :ivar value: The Object ID (OID), a dot separated list of integers :vartype value: string NcCrU)aInitialize the DER object as an OBJECT ID. :Parameters: value : string The initial Object Identifier (e.g. "1.2.0.0.6.2"). implicit : integer The IMPLICIT tag to use for the encoded object. It overrides the universal tag for OBJECT ID (6). explicit : integer The EXPLICIT tag to use for the encoded object. r3FNrWrYrrrrws zDerObjectId.__init__cCsdd|jdD}t|dkrtdtd|d|d|_|dd D]5}|dkr2dg}ng}|rF|d|d @d B|d L}|s6|d d M<|jddd|D7_q(t |S)zCReturn the DER OBJECT ID, fully encoded as a binary string.cSg|]}t|qSr)r\rrrrrz&DerObjectId.encode...rVz$Not a valid Object Identifier string(rr,NrAr4r3cSrr)rrrrrrr) rXsplitr$r'rr9insertjoinrrF)rcompsvencrrrrFs   zDerObjectId.encodeFcCt|||S)abDecode a complete DER OBJECT ID, and re-initializes this object with it. Args: der_encoded (byte string): A complete DER OBJECT ID. strict (boolean): Whether decoding must check for strict DER compliancy. Raises: ValueError: in case of parsing errors. r_r`rrrrNszDerObjectId.decodecCst|||t|j}ddt|dD}d}|r;|}|d|d@}|d@s7|t|d}|sd ||_ dS) z,Decode a complete DER OBJECT ID from a file.cSrr)strrrrrrrz1DerObjectId._decodeFromStream..rrr4rArN) rrKrr9divmodr-r%rrrrX)rrGrMrPrrcrrrrKs zDerObjectId._decodeFromStream)rNNrRrfrrrrr Ys    r c@rT)raClass to model a DER BIT STRING. An example of encoding is: >>> from Cryptodome.Util.asn1 import DerBitString >>> from binascii import hexlify, unhexlify >>> bs_der = DerBitString(b'\xaa') >>> bs_der.value += b'\xbb' >>> print hexlify(bs_der.encode()) which will show ``040300aabb``, the DER encoding for the bit string ``b'\xAA\xBB'``. For decoding: >>> s = unhexlify(b'040300aabb') >>> try: >>> bs_der = DerBitString() >>> bs_der.decode(s) >>> print hexlify(bs_der.value) >>> except ValueError: >>> print "Not a valid DER BIT STRING" the output will be ``aabb``. :ivar value: The content of the string :vartype value: byte string r3NcCs6t|dd|d|t|tr||_dS||_dS)aInitialize the DER object as a BIT STRING. :Parameters: value : byte string or DER object The initial, packed bit string. If not specified, the bit string is empty. implicit : integer The IMPLICIT tag to use for the encoded object. It overrides the universal tag for OCTET STRING (3). explicit : integer The EXPLICIT tag to use for the encoded object. r3FN)rr isinstancerFrXrYrrrrs  zDerBitString.__init__cCsd|j|_t|S)zDReturn the DER BIT STRING, fully encoded as a binary string.)rXr9rrFr rrrrFs  zDerBitString.encodeFcCr)aTDecode a complete DER BIT STRING, and re-initializes this object with it. Args: der_encoded (byte string): a complete DER BIT STRING. strict (boolean): Whether decoding must check for strict DER compliancy. Raises: ValueError: in case of parsing errors. r_r`rrrrNs zDerBitString.decodecCsRt||||jrt|jddkrtdd|_|jr'|jdd|_dSdS)z1Decode a complete DER BIT STRING DER from a file.rzNot a valid BIT STRINGr3r,N)rrKr9rr'rX)rrGrMrrrrKszDerBitString._decodeFromStream)r3NNrRrfrrrrrs    rc@sTeZdZdZdddZddZddZd d Zd d ZdddZ ddZ ddZ dS)raClass to model a DER SET OF. An example of encoding is: >>> from Cryptodome.Util.asn1 import DerBitString >>> from binascii import hexlify, unhexlify >>> so_der = DerSetOf([4,5]) >>> so_der.add(6) >>> print hexlify(so_der.encode()) which will show ``3109020104020105020106``, the DER encoding of a SET OF with items 4,5, and 6. For decoding: >>> s = unhexlify(b'3109020104020105020106') >>> try: >>> so_der = DerSetOf() >>> so_der.decode(s) >>> print [x for x in so_der] >>> except ValueError: >>> print "Not a valid DER SET OF" the output will be ``[4, 5, 6]``. NcCs>t|dd|dg|_d|_|r|D] }||qdSdS)a9Initialize the DER object as a SET OF. :Parameters: startSet : container The initial set of integers or DER encoded objects. implicit : integer The IMPLICIT tag to use for the encoded object. It overrides the universal tag for SET OF (17). r3TN)rrrh _elemOctetadd)rstartSetr<errrr2s  zDerSetOf.__init__cCrnrrjrkrrrroGrpzDerSetOf.__getitem__cCrzr)iterrhr rrr__iter__JrpzDerSetOf.__iter__cCrzrr{r rrrr|MrpzDerSetOf.__len__cCslt|rd}nt|tr|j}nt|d}|j|kr'|jdur$td||_||jvr4|j|dSdS)zAdd an element to the set. Args: elem (byte string or integer): An element of the same type of objects already in the set. It can be an integer or a DER encoded object. rVrNz&New element does not belong to the set) rrrr7rrr'rhr)relemeorrrrPs      z DerSetOf.addFcCr)aDecode a complete SET OF DER element, and re-initializes this object with it. DER INTEGERs are decoded into Python integers. Any other DER element is left undecoded; its validity is not checked. Args: der_encoded (byte string): a complete DER BIT SET OF. strict (boolean): Whether decoding must check for strict DER compliancy. Raises: ValueError: in case of parsing errors. r_r`rrrrNhszDerSetOf.decodecCsg|_t|||t|j}d}|dkr\|t}||||dkr,|j}n ||jkr5td|dkrB|j | nt }| | ||j |j |dksdSdS)z)Decode a complete DER SET OF from a file.rrz)Not all elements are of the same DER typerVN)rhrrKrr9r%r!r7r'rr#r rNrX)rrGrMrP setIdOctetrrrrrrKzs$    zDerSetOf._decodeFromStreamcCsfg}|jD]}t|rt|}n t|tr|}n|}||q|d||_ t|S)zRReturn this SET OF DER element, fully encoded as a binary string. r3) rhrr rFrrrsortrr9)rorderedrbysrrrrFs      zDerSetOf.encoderrR) r/r0r1r2rrorr|rrNrKrFrrrrrs   !rrR)rbCryptodome.Util.py3compatrrrrCryptodome.Util.numberrr__all__robjectrrr r r r r rrrrrrs    0_L- dZ