U c-@sddlZddlZddlZddlZddlZddlmZmZddlm Z m Z m Z m Z m Z ddlmZmZmZmZddlmZmZddlmZddlmZddlmZmZdd lmZd d lm Z m!Z!d d l"m#Z#m$Z$m%Z%m&Z&d dl'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1d dl2m3Z3m4Z4d dl5m6Z6m7Z7e8e9Z:Gddde+ej;Ze ?dZ@e ?dZAd>ddZBd?ddZCejDGdddejEZFd@eGeHd d!d"ZIdAeGejJd$d%d&ZKdBe ejJeGeHejLd'd(d)ZMGd*d+d+ZNGd,d-d-ejOZPGd.d/d/eNe3ZQe3ReQejLeNe e eGe eHfd0d1d2ZSe jTd3d4d5ZUd6d7ZVd8d9ZWd:d;ZXe/jRGdsz2PubKeyCryptFilter.as_pdf_object.. /Recipientsr/EncryptMetadata) r3 as_pdf_objectr NumberObjectr\ ArrayObjectr-r. BooleanObjectr/)r5resultr-r7r9r:rgs     zPubKeyCryptFilter.as_pdf_object)__name__ __module__ __qualname____doc__r,__annotations__r4propertyboolr?rBrrr CertificaterOrrVbytesr]rg __classcell__r9r9r7r:r*'s    %r*c@seZdZdZdS)PubKeyAESCryptFilterz< AES crypt filter for public key security handlers. Nrlrmrnror9r9r9r:rvsrvc@seZdZdZdS)PubKeyRC4CryptFilterz< RC4 crypt filter for public key security handlers. Nrwr9r9r9r:rxsrxz/DefaultCryptFilterz/DefEmbeddedFileTcCsttt|d||dittdSNT)r\r.r-r/)Zdefault_stream_filterZdefault_string_filter)r!DEFAULT_CRYPT_FILTERrxr\r-r/r9r9r:_pubkey_rc4_configsr|cCsttt|d||dittdSry)r!rzrvr{r9r9r:_pubkey_aes_configsr}c@s.eZdZdZedZedZedZdS)PubKeyAdbeSubFilterz{ Enum describing the different subfilters that can be used for public key encryption in the PDF specification. z/adbe.pkcs7.s3z/adbe.pkcs7.s4z/adbe.pkcs7.s5N) rlrmrnror NameObjectZS3S4S5r9r9r9r:r~s  r~)rUrNcCs(t|dkst||r"td|ndS)NrFFsz+construct_recipient_cms..Z aes256_cbc)r parametersdata) content_typecontent_encryption_algorithmencrypted_contentr)rWrecipient_infosencrypted_content_infoenveloped_data)rcontent) rrJrKrr ZEncryptionAlgorithmr ZEncryptionAlgorithmIdZEncryptedContentInfoZ ContentTypeZ EnvelopedData ContentInfo) rrUrNrGrHZenvelope_contentrencrypted_envelope_contentZ rec_infosrrrr9rr:rL's@   rLc@s4eZdZdZejdddZeej edddZ dS) EnvelopeKeyDecrypterz General credential class for use with public key security handlers. This allows the key decryption process to happen offline, e.g. on a smart card. :param cert: The recipient's certificate. rcCs ||_dSr=r)r5rr9r9r:r4oszEnvelopeKeyDecrypter.__init__r algo_paramsr<cCstdS)a Invoke the actual key decryption algorithm. :param encrypted_key: Payload to decrypt. :param algo_params: Specification of the encryption algorithm as a CMS object. :return: The decrypted payload. N)r)r5rrr9r9r:decryptrs zEnvelopeKeyDecrypter.decryptN) rlrmrnror rsr4rtr rrr9r9r9r:rds  rc@seZdZdefdejfgZdS)_PrivKeyAndCertkeyrN)rlrmrnr r rs_fieldsr9r9r9r:rsrcseZdZdZeedddZedddZeeddd Z e j e d fd d Z edddZedddZeejedddZZS)SimpleEnvelopeKeyDecrypterz Implementation of :class:`.EnvelopeKeyDecrypter` where the private key is an RSA key residing in memory. :param cert: The recipient's certificate. :param private_key: The recipient's private key. r;cCsdS)NZ raw_privkeyr9clsr9r9r:get_namesz#SimpleEnvelopeKeyDecrypter.get_namecCs|j|jd}t|S)N)rr) private_keyrrrZ)r5valuesr9r9r: _ser_valuesz%SimpleEnvelopeKeyDecrypter._ser_value)rc CsZzt|}|d}|d}Wn.tk rL}ztd|W5d}~XYnXt||dS)Nrrz-Failed to decode serialised pubkey credentialrr)rload ValueErrorr PdfReadErrorr)rrdecodedrrer9r9r: _deser_values  z'SimpleEnvelopeKeyDecrypter._deser_valuercst|||_dSr=)r3r4r)r5rrr7r9r:r4s z#SimpleEnvelopeKeyDecrypter.__init__Nc Cszddlm}z$|||d}ddlm}||}Wn<tttfk rl}ztjd|dWYdSd}~XYnXt||dS) a Load a key decrypter using key material from files on disk. :param key_file: File containing the recipient's private key. :param cert_file: File containing the recipient's certificate. :param key_passphrase: Passphrase for the key file, if applicable. :return: An instance of :class:`.SimpleEnvelopeKeyDecrypter`. r)load_private_key_from_pemder) passphrase)load_cert_from_pemderz%Could not load cryptographic materialexc_infoNr) Zpyhanko.sign.generalrrIOErrorrrAloggererrorr)key_file cert_fileZkey_passphraserrrrrr9r9r:rs   zSimpleEnvelopeKeyDecrypter.loadc CszTt|d}|}W5QRXt||\}}}ddlm}m} ||}| |}WnDttt fk r} z t j d|d| dWYdSd} ~ XYnXt ||dS) aZ Load a key decrypter using key material from a PKCS#12 file on disk. :param pfx_file: Path to the PKCS#12 file containing the key material. :param passphrase: Passphrase for the private key, if applicable. :return: An instance of :class:`.SimpleEnvelopeKeyDecrypter`. rb))_translate_pyca_cryptography_cert_to_asn1(_translate_pyca_cryptography_key_to_asn1zCould not open PKCS#12 file .rNr) openreadrZload_key_and_certificatesZ sign.generalrrrrrArrr) rZpfx_filerfZ pfx_bytesrrZ other_certsrrrr9r9r: load_pkcs12s    z&SimpleEnvelopeKeyDecrypter.load_pkcs12rcCsF|dj}|dkr"td|dtj|jdd}|j|tdS)a Decrypt the payload using RSA with PKCS#1 v1.5 padding. Other schemes are not (currently) supported by this implementation. :param encrypted_key: Payload to decrypt. :param algo_params: Specification of the encryption algorithm as a CMS object. Must use ``rsaes_pkcs1v15``. :return: The decrypted payload. rrzAOnly 'rsaes_pkcs1v15' is supported for envelope encryption, not 'rN)passwordr)rrrZload_der_private_keyrrZrr)r5rrZ algo_nameZpriv_keyr9r9r:rs  z"SimpleEnvelopeKeyDecrypter.decrypt)N)N)rlrmrnro classmethodstrrrtrrr rsr r4 staticmethodrrr rrrur9r9r7r:rs    r) recipient_cms decrypterr<c Cs|dj}|dkr td||d}|d}|dD]}|j}t|tjsVtd|dj}t|tjsttd |d }|d j} |j j |kr8|j j | kr8z| |d j|d } Wn.t k r} ztd| W5d} ~ XYnXqq8dS|d} |dj} z | j}Wn$ttfk r2| dj}YnXdti}z(ddlm}||j|j|jdWn(tk r|dkrtdYnX||kr||}| j}|| | |}n(|dkrt| | }ntd|d|dd}d}t|dkrtd|ddd}||fS)Nrrz7Recipient CMS content type must be enveloped data, not rrrz4RecipientInfo must be of type KeyTransRecipientInfo.rz;Recipient identifier must be of type IssuerAndSerialNumber.rrrrzFailed to decrypt envelope key)NNrrrZaesr) symmetric)ZdesZ tripledesZrc2z0DES, 3DES and RC2 require oscrypto to be presentZrc4zCipher z is not allowed in PDF 2.0.rFr)rrrZchosenr@r rrrrrrr ExceptionZencryption_cipherrKeyErrorrZoscryptorrYZdes_cbc_pkcs5_decryptZtripledes_cbc_pkcs5_decryptZrc2_cbc_pkcs5_decrypt ImportErrorZ encryption_ivrrrunpack)rrrZedrZrec_inforZissuer_and_serialrserialrrrrZ cipher_nameZwith_ivrZdecryption_funrrrUrNr9r9r:rPs                 rP)cfdictcCsbz |d}Wntk r*tdYnXt|tjr>|f}dd|D}|dd}||dS)Nrez.PubKey CF dictionary must have /Recipients keycSsg|]}tj|jqSr9r rroriginal_bytesrcxr9r9r:rksz0_read_generic_pubkey_cf_info..rfTr-r/)rrrr@rraget)rr-recipient_objsr/r9r9r:_read_generic_pubkey_cf_infobs    rcCs(|dd}tf|d|dt|S)Nr_(r^r\r.)rrxr)rr. keylen_bitsr9r9r:_build_legacy_pubkey_cfrs rcCstfd|dt|S)Nrrvrrr.r9r9r:_build_aes128_pubkey_cfzs rcCstfd|dt|S)Nrrrrr9r9r:_build_aes256_pubkey_cfs rcs^eZdZUdZeeedddZee j e fe d<e dejddeddfeejedd d d Zd-eed edfdd Ze edddZe eedddZe e jeedddZ e e je!d dfdd Z"e e jdddZ#e e jddd Z$e e jdd!d"Z%d#d$Z&edfeejd%d&d'Z'd.e(e)d(d)d*Z*e+dd+d,Z,Z-S)/r+z Security handler for public key encryption in PDF. As with the standard security handler, you essentially shouldn't ever have to instantiate these yourself (see :meth:`build_from_certs`). cCstSr=)r")___r9r9r:rzPubKeySecurityHandler.)z/V2z/AESV2z/AESV3z /Identity_known_crypt_filtersrTF)rErNr<c Ksp|r tjntj} d} |tjkr@|r2td|dd} nt|d|d} ||| |f|| dd| } | j|||d| S)a Create a new public key security handler. This method takes many parameters, but only ``certs`` is mandatory. The default behaviour is to create a public key encryption handler where the underlying symmetric encryption is provided by AES-256. Any remaining keyword arguments will be passed to the constructor. :param certs: The recipients' certificates. :param keylen_bytes: The key length (in bytes). This is only relevant for legacy security handlers. :param version: The security handler version to use. :param use_aes: Use AES-128 instead of RC4 (only meaningful if the ``version`` parameter is :attr:`~.SecurityHandlerVersion.RC4_OR_AES128`). :param use_crypt_filters: Whether to use crypt filters. This is mandatory for security handlers of version :attr:`~.SecurityHandlerVersion.RC4_OR_AES128` or higher. :param perms: Permission flags (as a 4-byte signed integer). :param encrypt_metadata: Whether to encrypt document metadata. .. warning:: See :class:`.SecurityHandler` for some background on the way pyHanko interprets this value. :param ignore_key_usage: If ``False``, the *keyEncipherment* key usage extension is required. :return: An instance of :class:`.PubKeySecurityHandler`. Nr)r/r-r)r/crypt_filter_configrrNrH)r~rrr$ RC4_OR_AES128r}r|rO) rrEZ keylen_bytesrWZuse_aesZuse_crypt_filtersrNr/rHr6 subfiltercfcshr9r9r:build_from_certss:,  z&PubKeySecurityHandler.build_from_certsNr!)rWpubkey_handler_subfilterrrcs|tjkr|tjkrtd|dkrr|tjkr@td||d}n2|tjkrZt|||d}n|tj krrt d||d}t j |||||d||_ ||_d|_dS)NzESubfilter /adbe.pkcs7.s5 is required for security handlers beyond V4.)r\r/r-r)r/compat_entries)r$rr~rrrIZRC4_40r|RC4_LONGER_KEYSrXr}r3r4rr/r1)r5rWr legacy_keylenr/rrrr7r9r:r4sF    zPubKeySecurityHandler.__init__r;cCs tdS)Nz /Adobe.PubSec)rrrr9r9r:r szPubKeySecurityHandler.get_namecCsddtDS)NcSsh|] }|jqSr9)valuerr9r9r: szCPubKeySecurityHandler.support_generic_subfilters..)r~rr9r9r:support_generic_subfilters sz0PubKeySecurityHandler.support_generic_subfilters)rr.r<cCs$t|j||}|dkr td|S)NzJAn absent CFM or CFM of /None doesn't make sense in a PubSec CF dictionary)r%rrr)rrr.cfr9r9r:read_cf_dictionarysz(PubKeySecurityHandler.read_cf_dictionary) encrypt_dictr<csTt|}||}|dk r4|tjkr4tdn|dkrP|tjkrPtd|S)Nz=Crypt filters require /adbe.pkcs7.s5 as the declared handler.z./adbe.pkcs7.s5 handler requires crypt filters.)r3process_crypt_filters_determine_subfilterr~rrr)rr rrr7r9r:r s  z+PubKeySecurityHandler.process_crypt_filters)r cCsZ|dd}|ddkr"td|d}t|ddd}|jd td d }t|||d S) Nr_r^rz"Key length must be a multiple of 8recSsdd|DS)NcSsg|]}tj|jqSr9rrr9r9r:r9szSPubKeySecurityHandler.gather_pub_key_metadata....r9)lstr9r9r:r9rz?PubKeySecurityHandler.gather_pub_key_metadata..rfTdefault)rrr/)rrrI get_and_applyrrdict)rr rr\r-r/r9r9r:gather_pub_key_metadata0s&   z-PubKeySecurityHandler.gather_pub_key_metadatacCsPz$tj|dtd|krtjntjdWStk rJtd|dYnXdS)N /SubFilterz/CFrz8Invalid /SubFilter in public key encryption dictionary: )rrr~rrrr)rr r9r9r:rFsz*PubKeySecurityHandler._determine_subfiltercCs6t|d}tf|||||d||S)N/V)rWrr)r$Z from_numberr+rr r)rr vr9r9r:instantiate_from_pdf_objectUsz1PubKeySecurityHandler.instantiate_from_pdf_objectcCst}t||d<|jj|d<|j|d<|jsF|jt j krZt |j d|d<|jt j krvt |j|d<|jtjkr||jn0|}t|tsttdd|jD|d <|S) Nz/Filterrrr^r_rfcss|]}t|VqdSr=r`rbr9r9r:rdtsz6PubKeySecurityHandler.as_pdf_object..re)rDictionaryObjectrrrrrWrgZ_compat_entriesr$rrhr\rjr/r~rrYrZget_stream_filterr@r*rArir-)r5rkZ default_cfr9r9r:rgas(        z#PubKeySecurityHandler.as_pdf_objectrDcCs0|jD] }t|tsq |j|||dq dS)Nr)rstandard_filtersr@r*rO)r5rErNrHr r9r9r:rOzs z$PubKeySecurityHandler.add_recipients)rSr<cCst|trt|}t|ts4tdt|dd}|j D]B}t|t sRqB| |}|j t jkrp|S|jdk rB||jM}qBt|tr||_tt jt|S)a Authenticate a user to this security handler. :param credential: The credential to use (an instance of :class:`.EnvelopeKeyDecrypter` in this case). :param id1: First part of the document ID. Public key encryption handlers ignore this key. :return: An :class:`AuthResult` object indicating the level of access obtained. zRPubkey authentication credential must be an instance of EnvelopeKeyDecrypter, not rlN)r@r'r&Z deserialiserrrtyperrr*rVstatusrrRZpermission_flagsZ _credentialrrQr)r5rSZid1rNr rkr9r9r:rVs$         z"PubKeySecurityHandler.authenticatecCs |jjSr=)rZget_for_streamZ shared_keyr>r9r9r:get_file_encryption_keysz-PubKeySecurityHandler.get_file_encryption_key)TNNT)N).rlrmrnrorrrrrrrr rprr$rXrrr rsintrr~listr4rrrr rrrrr rr rrrrgrOrrrVrtrrur9r9r7r:r+sn  G+    )r+)NT)NT)T)F)TF)ZabcenumloggingrJrhashlibrrtypingrrrrrZ asn1cryptor r r r Zasn1crypto.keysr rZcryptography.hazmat.primitivesrZ1cryptography.hazmat.primitives.asymmetric.paddingrZ-cryptography.hazmat.primitives.asymmetric.rsarrZ,cryptography.hazmat.primitives.serializationrrrZ_utilrrrrapirrrrr r!r"r#r$r%Zcred_serr&r'Z filter_mixinsr(r) getLoggerrlrABCr*rvrxrrzZDEF_EMBEDDED_FILEr|r}uniqueEnumr~rtrrrsrrrLrSequencerrregisterrPrrrrrr+r9r9r9r:sh   0     1  =x  b