Why Gemfury?
Push, build, and install
RubyGems
npm packages
Python packages
Maven artifacts
PHP packages
Go Modules
Debian packages
RPM packages
NuGet packages
triliodata-4-0-patch / contego deb
Repository URL to install this package:
|
Version:
4.0.109 ▾
|
ó
±EYc�����������@���s��d��Z��d�d�l�Z�d�d�l�m�Z�d�d�l�m�Z�d�d�l�m�Z�d�d�l�m �Z �d�d�l�m
�Z
�d�d�l�m
�Z
�d�d �l�m
�Z
�d�d
�l
�m�Z�d�d
�l�m�Z�d�d
�l�m�Z�d�d
�l�m�Z�d�d�l�m�Z�d�d�l�m�Z�d�d�l�m�Z�d�d�l�m
�Z
�m
�Z
�e�j
�e ��Z �i�e�j!���d�6e�j"���d�6e�j#���d�6e�j$���d�6Z%�d�Z&�d�Z'�e
�j(���e
�j)���e
�j*���e
�j+���e
�j,���e
�j-���f�Z.�d�Z/�e/�h�Z0�i�e
�j1�d�6Z2�d�e3�f�d�����YZ4�d
���Z5�d
���Z6�d
���Z7�e4�j8�e&�e
�j9�e5��e4�j8�e'�e �j:�e7��xF�e.�D]>�Z;�e���j<�e;��r
e4�j8�d �e;�j=�j>���e
�j?�e6��q
q
Wd ���Z@�d!���ZA�d"���ZB�d#���ZC�d$���ZD�d%���ZE�d�S(&���s ���Support signature verification.iÿÿÿÿN(���t���KeyManagerError(���t
���key_manager(���t���default_backend(���t���dsa(���t���ec(���t���padding(���t���rsa(���t���hashes(���t���x509(���t���log(���t���base64(���t
���encodeutils(���t ���timeutils(���t ���exception(���t���_t���_LEs���SHA-224s���SHA-256s���SHA-384s���SHA-512s���RSA-PSSt���DSAs���X.509t���MGF1t���SignatureKeyTypec�����������B���s5���e��Z�i��Z�d����Z�e�d����Z�e�d����Z�RS(���c���������C���s ���|�|��_��|�|��_�|�|��_�d��S(���N(���t���namet���public_key_typet���create_verifier(���t���selfR���R���R���(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyt���__init__Q���s���� c���������C���s
���|��|�|�|��|��j��|�<d�S(���s�Register a signature key type.
:param name: the name of the signature key type
:param public_key_type: e.g. RSAPublicKey, DSAPublicKey, etc.
:param create_verifier: a function to create a verifier for this type
N(���t���_REGISTERED_TYPES(���t���clsR���R���R���(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyt���registerV���s����c���������C���s9���|�|��j��k�r.�t�j�d�t�d��|���n��|��j��|�S(���s���Look up the signature key type.
:param name: the name of the signature key type
:returns: the SignatureKeyType object
:raises: SignatureVerificationError if signature key type is invalid
t���reasons
���Invalid signature key type: %s(���R���R
���t���SignatureVerificationErrorR���(���R���R���(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyt���lookupb���s���� (���t���__name__t
���__module__R���R���t
���classmethodR���R
���(����(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyR���M���s���
c���������C���s@���t��j�|��}�t��j�j�}�|�j�|��t��j�d�|�d�|��|��S(���s��Create the verifier to use when the key type is RSA-PSS.
:param signature: the decoded signature to use
:param hash_method: the hash method to use, as a cryptography object
:param public_key: the public key to use, as a cryptography object
:raises: SignatureVerificationError if the RSA-PSS specific properties
are invalid
:returns: the verifier to use to verify the signature for RSA-PSS
t���mgft
���salt_length(���R���R���t���PSSt
���MAX_LENGTHt���verifier(���t ���signaturet
���hash_methodt
���public_keyR!���R"���(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyt���create_verifier_for_pssq���s
����
c���������C���s���|�j��|��t�j�|���S(���sD��Create the verifier to use when the key type is ECC_*.
:param signature: the decoded signature to use
:param hash_method: the hash method to use, as a cryptography object
:param public_key: the public key to use, as a cryptography object
:returns: the verifier to use to verify the signature for ECC_*.
(���R%���R���t���ECDSA(���R&���R'���R(���(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyt���create_verifier_for_ecc���s���� c���������C���s���|�j��|��|��S(���s>��Create the verifier to use when the key type is DSA
:param signature: the decoded signature to use
:param hash_method: the hash method to use, as a cryptography object
:param public_key: the public key to use, as a cryptography object
:returns: the verifier to use to verify the signature for DSA
(���R%���(���R&���R'���R(���(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyt���create_verifier_for_dsa���s���� t���ECC_c���
������C���s���i�|�d�6|�d�6|�d�6|�d�6}�xC�|�j����D]5�}�|�|�d�k�r/�t�j�d�t�d��|���q/�q/�Wt�|��}�t�|��}�t�j�|��} �t �|��|�| ��}
�| �j
�|�|�|
��}
�|
�rÀ�|
�St�j�d�t�d����d�S( ���s«��Instantiate signature properties and use them to create a verifier.
:param context: the user context for authentication
:param img_signature_certificate_uuid:
uuid of signing certificate stored in key manager
:param img_signature_hash_method:
string denoting hash method used to compute signature
:param img_signature: string of base64 encoding of signature
:param img_signature_key_type:
string denoting type of keypair used to compute signature
:returns: instance of
cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext
:raises: SignatureVerificationError if we fail to build the verifier
t���img_signature_uuidt���img_signature_hash_methodt
���img_signaturet���img_signature_key_typeR���sp���Required image properties for signature verification do not exist. Cannot verify signature. Missing property: %ss*���Error occurred while creating the verifierN(
���t���keyst���NoneR
���R
���R���t
���get_signaturet���get_hash_methodR���R
���t���get_public_keyR���(
���t���contextt
���img_signature_certificate_uuidR/���R0���R1���t���image_meta_propst���keyR&���R'���t���signature_key_typeR(���R%���(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyt
���get_verifier²���s,����
c���������C���sL���y�t��j�|���}�Wn2�t�t�j�f�k
�rG�t�j�d�t�d����n�X|�S(���s��Decode the signature data and returns the signature.
:param signature_data: the base64-encoded signature data
:returns: the decoded signature
:raises: SignatureVerificationError if the signature data is malformatted
R���s8���The signature data was not properly encoded using base64(���R
���t���decode_as_bytest ���TypeErrort���binasciit���ErrorR
���R
���R���(���t���signature_dataR&���(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyR4�����s
���� c���������C���s3���|��t��k�r+�t�j�d�t�d��|����n��t��|��S(���s��Verify the hash method name and create the hash method.
:param hash_method_name: the name of the hash method to retrieve
:returns: the hash method, a cryptography object
:raises: SignatureVerificationError if the hash method name is invalid
R���s!���Invalid signature hash method: %s(���t
���HASH_METHODSR
���R
���R���(���t���hash_method_name(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyR5����s����
c���������C���sS���t��|��|��}�|�j���}�t�|�|�j��sO�t�j�d�t�d��|�j���n��|�S(���s¤��Create the public key object from a retrieved certificate.
:param context: the user context for authentication
:param signature_certificate_uuid: the uuid to use to retrieve the
certificate
:param signature_key_type: a SignatureKeyType object
:returns: the public key cryptography object
:raises: SignatureVerificationError if public key format is invalid
R���s2���Invalid public key type for signature key type: %s(���t���get_certificateR(���t
���isinstanceR���R
���R
���R���R���(���R7���t���signature_certificate_uuidR;���t
���certificateR(���(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyR6������s����
c���������C���sú���t��j���}�y�|�j�|��|��}�Wnc�t�k
�r�}�t�d��i�|�d�6t�j�|��d�6}�t�j�|��t �j
�d�t
�d��|���n�X|�j
�t
�k�r¹�t �j
�d�t
�d��|�j
���n��|�j
�t�k�rì�|�j���}�t�j�|�t����}�n��t�|��|�S(���s��Create the certificate object from the retrieved certificate data.
:param context: the user context for authentication
:param signature_certificate_uuid: the uuid to use to retrieve the
certificate
:returns: the certificate cryptography object
:raises: SignatureVerificationError if the retrieval fails or the format
is invalid
s4���Unable to retrieve certificate with ID %(id)s: %(e)st���idt���eR���s*���Unable to retrieve certificate with ID: %ss
���Invalid certificate format: %s(���R���t���APIt���getR����R���R
���t���exception_to_unicodet���LOGt���errorR
���R
���R���t���formatt���CERTIFICATE_FORMATSt���X_509t
���get_encodedR���t���load_der_x509_certificateR���t���verify_certificate(���R7���RF���t
���keymgr_apit���certRI���t���msgt ���cert_dataRG���(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyRD�����s(����
c���������C���sr���t��j���}�|�|��j�k��r=�t�j�d�t�d��|��j���n1�|�|��j�k�rn�t�j�d�t�d��|��j���n��d�S(���s���Verify that the certificate has not expired.
:param certificate: the cryptography certificate object
:raises: SignatureVerificationError if the certificate valid time range
does not include now
R���s'���Certificate is not valid before: %s UTCs&���Certificate is not valid after: %s UTCN(���R
���t���utcnowt���not_valid_beforeR
���R
���R���t���not_valid_after(���RG���t���now(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyRT���D��s����
(F���t���__doc__R?���t���castellan.common.exceptionR����t ���castellanR���t
���cryptography.hazmat.backendsR���t)���cryptography.hazmat.primitives.asymmetricR���R���R���R���t
���cryptography.hazmat.primitivesR���t
���cryptographyR���t���oslo_logR ���t���loggingt���oslo_serializationR
���t
���oslo_utilsR
���R
���t���novaR
���t ���nova.i18nR���R���t ���getLoggerR
���RM���t���SHA224t���SHA256t���SHA384t���SHA512RB���t���RSA_PSSR���t ���SECT571K1t ���SECT409K1t ���SECT571R1t ���SECT409R1t ���SECP521R1t ���SECP384R1t
���ECC_CURVESRQ���RP���R���t���MASK_GEN_ALGORITHMSt���objectR���R)���R+���R,���R���t
���RSAPublicKeyt
���DSAPublicKeyt���curvet���elliptic_curve_supportedR���t���uppert���EllipticCurvePublicKeyR<���R4���R5���R6���RD���RT���(����(����(����sI���/home/tvault/.virtenv/lib/python2.7/site-packages/nova/signature_utils.pyt���<module>���sf���
$
/ +