PNG  IHDR;IDATxܻn0K )(pA 7LeG{ §㻢|ذaÆ 6lذaÆ 6lذaÆ 6lom$^yذag5bÆ 6lذaÆ 6lذa{ 6lذaÆ `}HFkm,mӪôô! x|'ܢ˟;E:9&ᶒ}{v]n&6 h_tڠ͵-ҫZ;Z$.Pkž)!o>}leQfJTu іچ\X=8Rن4`Vwl>nG^is"ms$ui?wbs[m6K4O.4%/bC%t Mז -lG6mrz2s%9s@-k9=)kB5\+͂Zsٲ Rn~GRC wIcIn7jJhۛNCS|j08yiHKֶۛkɈ+;SzL/F*\Ԕ#"5m2[S=gnaPeғL lذaÆ 6l^ḵaÆ 6lذaÆ 6lذa; _ذaÆ 6lذaÆ 6lذaÆ RIENDB`  ?Yc@s[ddlZddlmZmZddlmZddlmZddlm Z m Z ddl m Z ddl m Z ddlmZdd lmZmZdd lmZmZid d 6d d 6dd6Ziidddfd6dddfd6dddfd6ddefd6d 6idddfd6dddfd6ddefd6d defd!6d"defd#6d$defd%6d&defd'6d(defd)6d 6id*ddfd+6d6Zi d,dfd-6d.dfd/6d0dfd16d2dfd36d4dfd56d6dfd76d8dfd96d:dfd;6d<dfd=6Zid>d?6d@dA6dBdC6ZidDdE6dFdG6ZidHdI6dJdK6dLdM6dNdO6dPdQ6dRdS6dTdU6dVdW6Zid?dX6dAdY6dCdZ6Zd[efd\YZd]efd^YZd_efd`YZ daefdbYZ!dce"fddYZ#dee$fdfYZ%dge&fdhYZ'dS(iiN(thexlifyt unhexlify(tx509(tdefault_backend(thashest serialization(tec(trsa(t iteritems(tbase64url_decodetbase64url_encode(t json_decodet json_encodesElliptic CurvetECtRSAsOctet sequencetocttCurvetPublictRequiredtcrvs X Coordinatetxs Y CoordinatetysECC Private KeytPrivatetdtModulustntExponenttesPrivate ExponentsFirst Prime FactortpsSecond Prime FactortqsFirst Factor CRT ExponenttdpsSecond Factor CRT ExponenttdqsFirst CRT Coefficienttqis Key ValuetksKey TypetktysPublic Key UsetusesKey Operationstkey_opst AlgorithmtalgsKey IDtkids X.509 URLtx5usX.509 Certificate Chaintx5cs"X.509 Certificate SHA-1 Thumbprinttx5ts$X.509 Certificate SHA-256 Thumbprintsx5t#S256s P-256 curvesP-256s P-384 curvesP-384s P-521 curvesP-521sDigital Signature or MACtsigt Encryptiontencs Compute digital Signature or MACtsignsVerify digital signature or MACtverifysEncrypt contenttencrypts6Decrypt content and validate decryption, if applicabletdecrypts Encrypt keytwrapKeys2Decrypt key and validate decryption, if applicablet unwrapKeys Derive keyt deriveKeys#Derive bits not to be used as a keyt deriveBitst secp256r1t secp384r1t secp521r1tInvalidJWKTypecBs#eZdZddZdZRS(sfInvalid JWK Type Exception. This exception is raised when an invalid parameter type is used. cCs tt|j||_dS(N(tsuperR9t__init__tvalue(tselfR<((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyR;\scCsd|jttjfS(Ns&Unknown type "%s", valid types are: %s(R<tlisttJWKTypesRegistrytkeys(R=((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyt__str__`sN(t__name__t __module__t__doc__tNoneR;RA(((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyR9Vs tInvalidJWKUsagecBs eZdZdZdZRS(sInvalid JWK usage Exception. This exception is raised when an invalid key usage is requested, based on the key type and declared usage constraints. cCs)tt|j||_||_dS(N(R:RFR;R<R#(R=R#R<((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyR;ls cCs~|jttjkr+t|j}n d|j}|jttjkrct|j}n d|j}d||fS(Ns Unknown(%s)s.Invalid usage requested: "%s". Valid for: "%s"(R#R>tJWKUseRegistryR@R<(R=tusagetvalid((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyRAqs  (RBRCRDR;RA(((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyRFes tInvalidJWKOperationcBs eZdZdZdZRS(sInvalid JWK Operation Exception. This exception is raised when an invalid key operation is requested, based on the key type and declared usage constraints. cCs)tt|j||_||_dS(N(R:RJR;toptvalues(R=t operationRL((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyR;s cCs|jttjkr+t|j}n d|j}t}xN|jD]C}|ttjkr}|jt|qK|jd|qKWd||fS(Ns Unknown(%s)s2Invalid operation requested: "%s". Valid for: "%s"(RKR>tJWKOperationsRegistryR@RLtappend(R=RKRItv((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyRAs  (RBRCRDR;RA(((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyRJ~s tInvalidJWKValuecBseZdZRS(sInvalid JWK Value Exception. This exception is raised when an invalid/unknown value is used in the context of an operation that requires specific values to be used based on the key type or other constraints. (RBRCRD(((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyRQstJWKcBseZdZdZedZdZd*dZdZ dZ dZ dZ d Z d Zd Zd Zd ZdZedZdZdZdZdZedZedZedZedZedZedZdZ dZ!dZ"dZ#dZ$dZ%d Z&d*d!Z'd*d"Z(d*d*d#Z)d$Z*d*d%Z+e,e,d&Z-ed'Z.ed*d(Z/e0j1d)Z2RS(+sJSON Web Key object This object represent a Key. It must be instantiated by using the standard defined key/value pairs as arguments of the initialization function. cKsZt|_t|_t|_d|kr@|j|n|rV|j|ndS(s2Creates a new JWK object. The function arguments must be valid parameters as defined in the 'IANA JSON Web Key Set Parameters registry' and specified in the :data:`JWKParamsRegistry` variable. The 'kty' parameter must always be provided and its value must be a valid one as defined by the 'IANA JSON Web Key Types registry' and specified in the :data:`JWKTypesRegistry` variable. The valid key parameters per key type are defined in the :data:`JWKValuesregistry` variable. To generate a new random key call the class method generate() with the appropriate 'kty' parameter, and other parameters as needed (key size, public exponents, curve types, etc..) Valid options per type, when generating new keys: * oct: size(int) * RSA: public_exponent(int), size(int) * EC: curve(str) (one of P-256, P-384, P-521) Deprecated: Alternatively if the 'generate' parameter is provided, with a valid key type as value then a new key will be generated according to the defaults or provided key strenght options (type specific). :raises InvalidJWKType: if the key type is invalid :raises InvalidJWKValue: if incorrect or inconsistent parameters are provided. tgenerateN(tdictt_paramst_keyt_unknownt generate_keyt import_key(R=tkwargs((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyR;s    cKs^|}y!|d}t|d|}Wn#ttfk rOt|nX|||S(NR"s _generate_%s(tgetattrtKeyErrortAttributeErrorR9(tclsRZtobjR"tgen((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyRSs   cKsZy&|jd}t|d|}Wn#ttfk rKt|nX||dS(NRSs _generate_%s(tpopR[R\R]R9(R=tparamsR"R`((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyRXs cCs|}d|kr$|jd}n_d|kry'ddlm}|j|d}Wntk rvtdnX|j}n|S(NtsizeR&i(tJWAsInvalid 'alg' parameter(Rat jwcrypto.jwaRdtinstantiate_algR\t ValueErrortkeysize(R=Rbt default_sizeRcRdR&((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyt _get_gen_sizes    cCsP|j|d}tj|d}d|d\}}|ddkr||j krt d|qqWx|D]}|||j |R@tJWKParamsRegistryRUtremovetgetRER?R9tJWKValuesRegistryRVRRQRWRu( R=RZtnamesRR"tvaltkotctckotsigltenclRK((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyRYIsR           cCs$|tkr|jS|jSdS(s+Exports the key in the standard JSON format. Exports the key regardless of type, if private_key is False and the key is_symmetric an exceptionis raised. :param private_key(bool): Whether to export the private key. Defaults to True. N(tTruet _export_allt export_public(R=t private_key((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pytexports  cCs|jstdni}t}xH|D]@}||ddkr+||jkrk|j|||RJ(R=RHRMR#tops((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyt_check_constraintss  cCsttt|dS(Ni(tintRR (R=R((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyt _decode_intscCs*tj|j|d|j|dS(NRR(RtRSAPublicNumbersR(R=R!((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyt_rsa_pubsc Csvtj|j|d|j|d|j|d|j|d|j|d|j|d|j|S(NRRRRRR (RtRSAPrivateNumbersRR(R=R!((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyt_rsa_pri scCs6tj|j|d|j|d|j|S(NRR(RtEllipticCurvePublicNumbersRR(R=R!R((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyt_ec_pubscCs)tj|j|d|j||S(NR(RtEllipticCurvePrivateNumbersRR(R=R!R((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyt_ec_priscCs|jddkr|jdS|jddkrM|j|jjtS|jddkr|j|j|jtStdS(NR"RR!RR (RURVRt public_keyRRtNotImplementedError(R=R((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyt_get_public_keys cCs|jddkr|jdS|jddkrM|j|jjtS|jddkr|j|j|jtStdS(NR"RR!RR (RURVRRRRR(R=R((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyt_get_private_key's cCs;|jjdttj}|tk r9|g}n|d kru|jddkrc|jdSt||n|dkr|jd||j |S|dkr|jd||j |S|dks|d kr|jd ||j |S|d ks|d kr1|jd ||j |St d S(sGet the key object associated to the requested opration. For example the public RSA key for the 'verify' operation or the private EC key for the 'decrypt' operation. :param operation: The requested operation. The valid set of operations is availble in the :data:`JWKOperationsRegistry` registry. :param arg: an optional, context specific, argument For example a curve name. :raises InvalidJWKOperation: if the operation is unknown or not permitted with this key. :raises InvalidJWKUsage: if the use constraints do not permit the operation. R$R"RR!R.R+R/R0R2R-R1R3N( RURR>RNR@RERVRJRRRR(R=RMRtvalidops((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyt get_op_key1s*           cCst|tjr"|j|nvt|tjrD|j|nTt|tjrf|j|n2t|tj r|j |nt d|dS(NsUnknown key object %r( RRt RSAPrivateKeyR{t RSAPublicKeyRRtEllipticCurvePrivateKeyRtEllipticCurvePublicKeyRRQ(R=Rm((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pytimport_from_pycaXscCsy"tj|d|dt}Wntk r}|dk rI|nytj|dt}Wqtk ry(tj|dt}|j}Wqtk r|qXqXnX|j ||j |j dW|}n|||ROR RR (R=t private_keystexp_dictR!RPR@tjwk((s0/usr/lib/python2.7/site-packages/jwcrypto/jwk.pyRs      cCsyt|}WntnXd|kr;tnx[t|D]M\}}|dkrx2|D]}|djt|qgWqH|||s|                      $