U clX@s2dZddlZddlZddlmZddlmZmZmZm Z m Z m Z ddl m Z mZmZmZmZmZddlmZddlmZmZddlmZdd lmZdd lmZdd lmZm Z dd l!m"Z"d ddddddddddddddddddd d!d"d#d$d%d&d'd(d)gZ#e$e%Z&Gd*d(d(e'Z(Gd+d)d)e(Z)Gd,d&d&e(Z*d-d Z+Gd.dde,Z-Gd/dde'Z.d0dZ/d1dZ0ej1ej2d2d3d"Z3d^ej1ej4d2d5d#Z5ej1e ej6ej7fd6d7d%Z8e ej9ej:fej1e;d8d9d$Zd_e ej?efd=d>dZ@eeAd?d@dZBd`e jCdAdBd!ZDej1eAe jCdCdDd ZEdEdZFeGdFdGdZHdHdZIe eGejJdIdJdZKeGe eGejJdKdLdZLejJd=dMdNZMej1d=dOdPZNedQdRGdSddZOejPdTdUdVZQdWdXZRejSejTdYdZdZUejSeOdYd[dZVe"jWfeeeXeAe eXeGfd\d]d'ZYdS)aa General tools related to Cryptographic Message Syntax (CMS) signatures, not necessarily to the extent implemented in the PDF specification. CMS is defined in :rfc:`5652`. To parse CMS messages, pyHanko relies heavily on `asn1crypto `_. N) dataclass)IOIterableListOptionalTupleUnion)algoscmskeyspemtspx509)SignedDigestAlgorithm)hashes serialization)padding) RSAPublicKey) Prehashed)CertificateStoreSimpleCertificateStore)miscsimple_cms_attributefind_cms_attributefind_unique_cms_attributeNonexistentAttributeErrorMultivaluedAttributeErrorrr SigningErrorUnacceptableSignerErrorSignedDataCertsextract_signer_infoextract_certificate_infoload_certs_from_pemderload_cert_from_pemderload_private_key_from_pemderload_certs_from_pemder_data!load_private_key_from_pemder_dataget_cms_hash_algo_for_mechanismget_pyca_cryptography_hashoptimal_pss_paramsprocess_pss_paramsas_signing_certificateas_signing_certificate_v2match_issuer_serialcheck_ess_certidCMSExtractionErrorbyte_range_digestValueErrorWithMessageCMSStructuralErrorc@seZdZdZddZdS)r1z Value error with a failure message attribute that can be conveniently extracted, instead of having to rely on extracting exception args generically. cCst||_dSN)strfailure_message)selfr5r78/tmp/pip-unpacked-wheel-0kb_yl26/pyhanko/sign/general.py__init__5szValueErrorWithMessage.__init__N)__name__ __module__ __qualname____doc__r9r7r7r7r8r1/sc@seZdZdZdS)r2z!Structural error in a CMS object.Nr:r;r<r=r7r7r7r8r29sc@s eZdZdS)r/Nr:r;r<r7r7r7r8r/=scCstt||fdS)a Convenience method to quickly construct a CMS attribute object with one value. :param attr_type: The attribute type, as a string or OID. :param value: The value. :return: A :class:`.cms.CMSAttribute` object. )typevalues)r Z CMSAttributeZCMSAttributeType)Z attr_typevaluer7r7r8rAs c@s eZdZdS)rNr?r7r7r7r8rSsc@s eZdZdS)rNr?r7r7r7r8rWscCs`d}|r@|D]2}|dj|kr |dk r6td|d|d}q |dk rL|Std|ddS)a Find and return CMS attribute values of a given type. .. note:: This function will also check for duplicates, but not in the sense of multivalued attributes. In other words: multivalued attributes are allowed; listing the same attribute OID more than once is not. :param attrs: The :class:`.cms.CMSAttributes` object. :param name: The attribute type as a string (as defined in ``asn1crypto``). :return: The values associated with the requested type, if present. :raise NonexistentAttributeError: Raised when no such type entry could be found in the :class:`.cms.CMSAttributes` object. :raise CMSStructuralError: Raised if the given OID occurs more than once. Nr@z Attribute z was duplicatedrAzUnable to locate attribute .)nativer2r)attrsnameZ found_valuesattrr7r7r8r[s  cCs8t||}t|dkr0td|dt|d|dS)a  Find and return a unique CMS attribute value of a given type. :param attrs: The :class:`.cms.CMSAttributes` object. :param name: The attribute type as a string (as defined in ``asn1crypto``). :return: The value associated with the requested type, if present. :raise NonexistentAttributeError: Raised when no such type entry could be found in the :class:`.cms.CMSAttributes` object. :raise MultivaluedAttributeError: Raised when the attribute's cardinality is not 1. zExpected single-valued z attribute, but found z valuesr)rlenr)rErFrAr7r7r8rs   )certreturnc CsFtdtt|td|j ig|ddddgiS)a Format an ASN.1 ``SigningCertificate`` object, where the certificate is identified by its SHA-1 digest. :param cert: An X.509 certificate. :return: A :class:`tsp.SigningCertificate` object referring to the original certificate. certsdirectory_nametbs_certificate serial_numberissuerrO) cert_hash issuer_serial) r SigningCertificate ESSCertIDhashlibsha1dumpdigestr GeneralNamerQrJr7r7r8r+s  sha256c Csft|}t|}|||}tdtd|i|t d|j ig|ddddgiS)a Format an ASN.1 ``SigningCertificateV2`` value, where the certificate is identified by the hash algorithm specified. :param cert: An X.509 certificate. :param hash_algo: Hash algorithm to use to digest the certificate. Default is SHA-256. :return: A :class:`tsp.SigningCertificateV2` object referring to the original certificate. rL algorithmrMrNrOrP)hash_algorithmrRrS) r(rHashupdaterXfinalizer SigningCertificateV2 ESSCertIDv2rrZrQ)rJ hash_algo hash_specmd digest_valuer7r7r8r,s   )rJcertidcCsvt|tjrd}n|ddj}t|}t|}||| }|dj}||kr^dS|d}| ptt ||S)a Match an ``ESSCertID`` value against a certificate. :param cert: The certificate to match against. :param certid: The ``ESSCertID`` value. :return: ``True`` if the ``ESSCertID`` matches the certificate, ``False`` otherwise. rWr^r]rRFrS) isinstancer rUrDr(rr_r`rXrar-)rJrhrdrerfrgZexpected_digest_valueexpected_issuer_serialr7r7r8r.s   )rjrJrKcCs|dd}|d}t|tjrHt|dks:|djdkr>dS|dj}z ||jkpd||jk}Wntk rd}YnX|o|d|kS)a Match the issuer and serial number of an X.509 certificate against some expected identifier. :param expected_issuer_serial: A certificate identifier, either :class:`cms.IssuerAndSerialNumber` or :class:`tsp.IssuerSerial`. :param cert: An :class:`x509.Certificate`. :return: ``True`` if there's a match, ``False`` otherwise. rNrOrQrHrrMF) rirZ GeneralNamesrIrFchosenrXrQ ValueError)rjrJZ serial_asn1Zexpected_issuerZ issuer_matchr7r7r8r-s       cs&eZdZdZedfdd ZZS)rz1 Error encountered while signing a file. )msgcs||_tj|f|dSr3)rmsuperr9)r6rmargs __class__r7r8r9/szSigningError.__init__)r:r;r<r=r4r9 __classcell__r7r7rpr8r+sc@seZdZdZdS)rz= Error raised when a signer was judged unacceptable. Nr>r7r7r7r8r4sF)rKcCs:|dkrtjdd}ntt|}|r6t|S|S)Nshake256@) digest_size)lowerrZSHAKE256getattrupperr)r] prehashedrdr7r7r8r(;s )mechrKcCs(|j}|dkrdS|dkrdS|jSdS)a% Internal function that takes a :class:`.SignedDigestAlgorithm` instance and returns the name of the digest algorithm that has to be used to compute the ``messageDigest`` attribute. :param mech: A signature mechanism. :return: A digest algorithm name. Zed25519sha512Zed448rsN)Zsignature_algord)rzZsig_algor7r7r8r'Es )paramsc Cs|d}|dj}||kr8td|d|d|d}|djdksVtd|d dj}||krtd |d |d |d j}t|dd}t||d} tjtj |d|d} | | fS)zs Extract PSS padding settings and message digest from an ``RSASSAPSSParams`` value. Internal API. r^r]zPSS MD 'z ' must agree with signature MD 'z'.mask_gen_algorithmmgf1zOnly MFG1 is supported parameterszMessage digest for MGF1 is z", and the one used for signing is zL. If these do not agree, some software may refuse to validate the signature. salt_lengthF)ry)r])Zmgfr) rDcasefoldrlNotImplementedErrorloggerwarningr(rZPSSZMGF1) r|digest_algorithmryrdZmd_nameZmgaZ mgf_md_nameZsalt_lenZmgf_mdrfZ pss_paddingr7r7r8r*\s,      )rJrrKc Cs^|}t|j}t|}t||}t t d|it dt d|id|dS)a" Figure out the optimal RSASSA-PSS parameters for a given certificate. The subject's public key must be an RSA key. :param cert: An RSA X.509 certificate. :param digest_algorithm: The digest algorithm to use. :return: RSASSA-PSS parameters. r]r~)r]r)r^r}r) rvrZload_der_public_keyZ public_keyrXr(rZcalculate_max_pss_salt_lengthr RSASSAPSSParamsZDigestAlgorithmZMaskGenAlgorithm)rJrkeyrfZoptimal_salt_lenr7r7r8r)s( c cs:|D]0}t|d}|}W5QRXt|EdHqdS)z A convenience function to load PEM/DER-encoded certificates from files. :param cert_files: An iterable of file names. :return: A generator producing :class:`.asn1crypto.x509.Certificate` objects. rbN)openreadr%)Z cert_files cert_filefcert_data_bytesr7r7r8r"s  )rccsrt|r`tj|dd}|D]@\}}}|dks:|dkrJtj|Vqtd|dqntj|VdS)a A convenience function to load PEM/DER-encoded certificates from binary data. :param cert_data_bytes: ``bytes`` object from which to extract certificates. :return: A generator producing :class:`.asn1crypto.x509.Certificate` objects. T)multipleN certificatezSkipping PEM block of type z in CA chain file.) r detectZunarmorrvr Certificateloadrdebug)rZpems type_name_Zderr7r7r8r%s  cCs2tt|g}t|dkr*td|d|dS)z A convenience function to load a single PEM/DER-encoded certificate from a file. :param cert_file: A file name. :return: An :class:`.asn1crypto.x509.Certificate` object. rHzNumber of certs in z should be exactly 1r)listr"rIrl)rrLr7r7r8r#s   ) passphraserKc Cs*t|d}|}W5QRXt||dS)a  A convenience function to load PEM/DER-encoded keys from files. :param key_file: File to read the key from. :param passphrase: Key passphrase. :return: A private key encoded as an unencrypted PKCS#8 PrivateKeyInfo object. r)r)rrr&)key_filerr key_bytesr7r7r8r$s )rrrKcCs&t|rtjntj}t|||dS)a A convenience function to load PEM/DER-encoded keys from binary data. :param key_bytes: ``bytes`` object to read the key from. :param passphrase: Key passphrase. :return: A private key encoded as an unencrypted PKCS#8 PrivateKeyInfo object. )password)r rrZload_pem_private_keyZload_der_private_key(_translate_pyca_cryptography_key_to_asn1)rrZload_funr7r7r8r&s  cCs"tj|tjjtjjt Sr3) r PrivateKeyInforZ private_bytesrEncodingDERZ PrivateFormatZPKCS8Z NoEncryption)Z private_keyr7r7r8r s rcCstj|tjjSr3)rrrZ public_bytesrrrr[r7r7r8)_translate_pyca_cryptography_cert_to_asn1 s rT)frozenc@s8eZdZUdZejed<eejed<eej ed<dS)rzT Value type to describe certificates included in a CMS signed data payload. signer_cert other_certsattribute_certsN) r:r;r<r=rr__annotations__rr ZAttributeCertificateV2r7r7r7r8r&s  sidcsFjdkrfddSjdkr>jjtdfddStdS)NZissuer_and_serial_numbercs tj|Sr3)r-rkcrr7r8>z'_get_signer_predicate..Zsubject_key_identifierzThe signature in this SignedData value seems to be identified by a subject key identifier --- this is legal in CMS, but many PDF viewers and SDKs do not support this feature.cs |jkSr3)Zkey_identifierr)skir7r8rHr)rFrkrDrrrrr7)rrr8_get_signer_predicate<s    rcCsNt|d}d}g}|D]}||r*|}q||q|dkrFtd||fS)Nrz,signer certificate not included in signature)rappendr/)rL signer_info predicaterJrrr7r7r8_partition_certsLs  r) signed_datarKcCs2z|d\}|WStk r,tdYnXdS)a5 Extract the unique ``SignerInfo`` entry of a CMS signed data value, or throw a ``ValueError``. :param signed_data: A CMS ``SignedData`` value. :return: A CMS ``SignerInfo`` value. :raises ValueError: If the number of ``SignerInfo`` values is not exactly one. Z signer_infosz-signer_infos should contain exactly one entryN)rlr/)rrr7r7r8r ^s  c Csrg}g}|dD]8}|j}|jdkr4||q|jdkr||qt|}t||\}}t|||d}|S)a Extract and classify embedded certificates found in the ``certificates`` field of the signed data value. :param signed_data: A CMS ``SignedData`` value. :return: A :class:`SignedDataCerts` object containing the embedded certificates. Z certificatesrZ v2_attr_cert)rrr)rkZuntagrFrr rr) rrLZ attr_certsrrJrrrZ cert_infor7r7r8r!ss       )stream byte_range md_algorithmrKc Csbt|}t|}d}t|}t|D],\}} ||tj|||| d|| 7}q(||fS)a  Internal API to compute byte range digests. Potentially dangerous if used without due caution. :param stream: Stream over which to compute the digest. Must support seeking and reading. :param byte_range: The byte range, as a list of (offset, length) pairs, flattened. :param md_algorithm: The message digest algorithm to use. :param chunk_size: The I/O chunk size to use. :return: A tuple of the total digested length, and the actual digest. r)Zmax_read) r(rr_ bytearrayrZ pair_iterseekZchunked_digestra) rrr chunk_sizeZmd_specrfZ total_lenZ chunk_bufloZ chunk_lenr7r7r8r0s   )r\)F)F)Zr=rVloggingZ dataclassesrtypingrrrrrrZ asn1cryptor r r r r rZasn1crypto.algosrZcryptography.hazmat.primitivesrrZ)cryptography.hazmat.primitives.asymmetricrZ-cryptography.hazmat.primitives.asymmetric.rsarZ/cryptography.hazmat.primitives.asymmetric.utilsrZpyhanko_certvalidator.registryrrZpyhanko.pdf_utilsr__all__ getLoggerr:rrlr1r2r/rKeyErrorrrrrrrTr+rbr,rUrcr.ZIssuerAndSerialNumberZ IssuerSerialboolr-rrZ HashAlgorithmr(r4r'rr*r)r"bytesr%r#rr$r&rrrZSignerIdentifierrrZ SignedDataZ SignerInfor r!ZDEFAULT_CHUNK_SIZEintr0r7r7r7r8s          & % ! 1  ' %