o &gs@s"ddlZddlZddlmZmZddlmZmZddlm Z ddl m Z ddl m Z mZmZddlmZddlmZdd lmZdd lmZmZmZdd lmZdd lmZdd lmZmZddl m!Z!ddl"m#Z#ddl"m$Z$ddl"m%Z%ddl"m&Z&ddl"m'Z'ddl"m(Z(m)Z)ddl"m*Z*ddl+m,Z,dZ-GdddedZ.ddZ/ddZ0dd Z1d!d"Z2d#d$Z3Gd%d&d&Z4Gd'd(d(e4Z5Gd)d*d*e4Z6Gd+d,d,e4Z7Gd-d.d.e4Z8Gd/d0d0e5e.Z9Gd1d2d2e5e.Z:Gd3d4d4e5e.Z;Gd5d6d6e6e.ZGd;d<dd>e7e.Z@Gd?d@d@e7e.ZAGdAdBdBe7e.ZBGdCdDdDe6e.ZCGdEdFdFe6e.ZDGdGdHdHe6e.ZEGdIdJdJe8e.ZFGdKdLdLZGGdMdNdNeGZHGdOdPdPeHe.ZIGdQdRdReHe.ZJGdSdTdTeHe.ZKGdUdVdVeGZLGdWdXdXeLe.ZMGdYdZdZeLe.ZNGd[d\d\eLe.ZOGd]d^d^eGZPGd_d`d`ePe.ZQGdadbdbePe.ZRGdcddddePe.ZSGdedfdfeGZTGdgdhdheTe.ZUGdidjdjeTe.ZVGdkdldleTe.ZWGdmdndneGe.ZXGdodpdpeGe.ZYGdqdrdreYZZGdsdtdteYZ[GdudvdveYZ\Gdwdxdxe4e.Z]GdydzdzZ^Gd{d|d|e^Z_Gd}d~d~e_e.Z`Gddde_e.ZaGddde_e.ZbGddde^ZcGdddece.ZdGdddece.ZeGdddece.ZfGddde7e.ZgGddde7e.ZhGddde7e.ZiGdddZjdS)N)ABCMetaabstractmethod)hexlify unhexlify)InvalidSignature)default_backend) constant_timehasheshmac)ec)padding)utils)Cipher algorithmsmodes) ConcatKDFHash) PBKDF2HMAC)aes_key_unwrap aes_key_wrap)PKCS7)InvalidCEKeyLength)InvalidJWAAlgorithm)InvalidJWEKeyLength)InvalidJWEKeyType)InvalidJWEOperation)base64url_decodebase64url_encode) json_decode)JWKi@c@sheZdZeeddZeeddZeeddZeeddZeed d Z ed d Z d S) JWAAlgorithmcCdS)zThe algorithm NameNselfr!r!K/root/parts/websockify/install/lib/python3.10/site-packages/jwcrypto/jwa.pyname$zJWAAlgorithm.namecCr )zA short descriptionNr!r"r!r!r$ description)r&zJWAAlgorithm.descriptioncCr )zThe algorithm key sizeNr!r"r!r!r$keysize.r&zJWAAlgorithm.keysizecCr )zOne of 'alg', 'enc' or 'JWK'Nr!r"r!r!r$algorithm_usage_location3r&z%JWAAlgorithm.algorithm_usage_locationcCr )zOne of 'sig', 'kex', 'enc'Nr!r"r!r!r$ algorithm_use8r&zJWAAlgorithm.algorithm_usecCs"z|jWSty|jYSw)zThe input key size) wrap_key_sizeAttributeErrorr(r"r!r!r$ input_keysize=s   zJWAAlgorithm.input_keysizeN) __name__ __module__ __qualname__propertyrr%r'r(r)r*r-r!r!r!r$r"s$     r) metaclasscCs t|dSN)lenxr!r!r$_bitsizeF r8cCs|dSr3r!r6r!r!r$_inbytesJsr:cCs"|ddkr tdtt|S)Nr4rzlength must be a multiple of 8) ValueErrorosurandomr:r6r!r!r$ _randombitsNs r>cCs2d|}|ddd}t||dd|S)Nz{:x}r40)formatrrjust)nbitseilenr!r!r$ _encode_intUs rHcCstt|dS)N)intr)rDr!r!r$ _decode_int[srKc@eZdZddZddZdS)_RawJWScCtNNotImplementedErrorr#keypayloadr!r!r$signaz _RawJWS.signcCrNrOrPr#rSrT signaturer!r!r$verifydrVz_RawJWS.verifyNr.r/r0rUrYr!r!r!r$rM_ rMc@,eZdZddZddZddZddZd S) _RawHMACcCst|_||_dSrO)rbackendhashfnr#r_r!r!r$__init__js z_RawHMAC.__init__cCs"tj||j|jd}|||S)Nr^)r HMACr_r^update)r#rSrThr!r!r$ _hmac_setupns z_RawHMAC._hmac_setupcCs"t|d}|||}|SNrU)r get_op_keyrffinalize)r#rSrTskeyrer!r!r$rUss z _RawHMAC.signcCs(t|d}|||}||dSNrY)rrhrfrY)r#rSrTrXvkeyrer!r!r$rYxs z_RawHMAC.verifyN)r.r/r0rarfrUrYr!r!r!r$r]hs  r]c@s$eZdZddZddZddZdS)_RawRSAcC||_||_dSrO)padfnr_)r#ror_r!r!r$ra z_RawRSA.__init__cCs|d}|||j|jSrg)rhrUror_r#rSrTrjr!r!r$rUs z _RawRSA.signcCs"|d}||||j|jdSrk)rhrYror_r#rSrTrXpkeyr!r!r$rYs z_RawRSA.verifyN)r.r/r0rarUrYr!r!r!r$rm~s rmc@s0eZdZddZeddZddZddZd S) _RawECcCrnrO)_curver_)r#curver_r!r!r$rarpz_RawEC.__init__cCs|jSrO)rur"r!r!r$rvsz _RawEC.curvecCsJ|d|j}|j}||t|j}t|\}}t ||t ||Srg) rhrukey_sizerUr ECDSAr_ec_utilsdecode_dss_signaturerH)r#rSrTrjsizerXrsr!r!r$rUs z _RawEC.signcCsp|d|j}|dt|d}|t|dd}ttt|dtt|d}|||t |j dS)NrYr@rI) rhrur5ryencode_dss_signaturerJrrYr rxr_)r#rSrTrXrsr|r} enc_signaturer!r!r$rYsz _RawEC.verifyN)r.r/r0rar1rvrUrYr!r!r!r$rts   rtc@rL)_RawNonecCr )Nr!rRr!r!r$rUrVz _RawNone.signcCs$|ddks |dkrtddS)Nktyoctrz'The "none" signature cannot be verified)rhrrWr!r!r$rYsz_RawNone.verifyNrZr!r!r!r$rr[rc0eZdZdZdZdZdZdZfddZZ S)_HS256HS256zHMAC using SHA-256algsigctt|tdSrO)superrrar SHA256r" __class__r!r$raz_HS256.__init__ r.r/r0r%r'r(r)r*ra __classcell__r!r!rr$rrcr)_HS384HS384zHMAC using SHA-384rrcrrO)rrrar SHA384r"rr!r$rarz_HS384.__init__rr!r!rr$rrrcr)_HS512HS512zHMAC using SHA-512rrcrrO)rrrar SHA512r"rr!r$rarz_HS512.__init__rr!r!rr$rrrcr)_RS256RS256zRSASSA-PKCS1-v1_5 using SHA-256rrctt|ttdSrO)rrrar PKCS1v15r rr"rr!r$raz_RS256.__init__rr!r!rr$rrrcr)_RS384RS384zRSASSA-PKCS1-v1_5 using SHA-384rrrcrrO)rrrar rr rr"rr!r$rarz_RS384.__init__rr!r!rr$rrrcr)_RS512RS512zRSASSA-PKCS1-v1_5 using SHA-512rrrcrrO)rrrar rr rr"rr!r$rarz_RS512.__init__rr!r!rr$rrrcr)_ES256ES256zECDSA using P-256 and SHA-256rrrctt|dtdS)NzP-256)rrrar rr"rr!r$raz_ES256.__init__rr!r!rr$rrrcr)_ES256KES256Kz'ECDSA using secp256k1 curve and SHA-256rrrcr)N secp256k1)rrrar rr"rr!r$ra rz_ES256K.__init__rr!r!rr$rrrcr)_ES384ES384zECDSA using P-384 and SHA-384rrrcr)NzP-384)rrrar rr"rr!r$rarz_ES384.__init__rr!r!rr$rrrcr)_ES512ES512zECDSA using P-521 and SHA-512rrrcr)NzP-521)rrrar rr"rr!r$ra#rz_ES512.__init__rr!r!rr$rrrcr)_PS256PS256z.RSASSA-PSS using SHA-256 and MGF1 with SHA-256rrrc4ttttjj}tt||tdSrO) r PSSMGF1r r digest_sizerrrar#rorr!r$ra/z_PS256.__init__rr!r!rr$r'rrcr)_PS384PS384z.RSASSA-PSS using SHA-384 and MGF1 with SHA-384rrrcrrO) r rrr rrrrrarrr!r$ra=rz_PS384.__init__rr!r!rr$r5rrcr)_PS512PS512z.RSASSA-PSS using SHA-512 and MGF1 with SHA-512rrrcrrO) r rrr rrrrrarrr!r$raKrz_PS512.__init__rr!r!rr$rCrrc@ eZdZdZdZdZdZdZdS)_Nonenonez%No digital signature or MAC performedrrrNr.r/r0r%r'r(r)r*r!r!r!r$rQ rc@rL) _RawKeyMgmtcCrNrOrP)r#rSbitsizecekheadersr!r!r$wrap\rVz_RawKeyMgmt.wrapcCrNrOrP)r#rSrekrr!r!r$unwrap_rVz_RawKeyMgmt.unwrapN)r.r/r0rrr!r!r!r$rZr[rc@r\) _RSAcCs ||_dSrO)rorr!r!r$raes z _RSA.__init__cC0t|ts td|ddkrtd|ddS)Nkey is not a JWK objectrRSA isinstancerr;rr#rSr!r!r$ _check_keyh  z_RSA._check_keycCs8|||s t|}|d}|||j}||dS)NwrapKeyrr)rr>rhencryptror#rSrrrrkrr!r!r$ros   z _RSA.wrapcCs@|||d}|||j}t||krt|t||S)N unwrapKey)rrhdecryptror8rr#rSrrrrrr!r!r$rws   z _RSA.unwrapN)r.r/r0rarrrr!r!r!r$rcs  rcs<eZdZdZdZdZdZdZfddZfdd Z Z S) _Rsa15RSA1_5zRSAES-PKCS1-v1_5rrkexcrrO)rrrar rr"rr!r$rarz_Rsa15.__init__csH||t|}ztt|||||}tdty#|YSw)NDummy)rr>rrrr; Exceptionr#rSrrrrrr!r$rs  z _Rsa15.unwrap) r.r/r0r%r'r(r)r*rarrr!r!rr$rs rcr)_RsaOaepRSA-OAEPz#RSAES OAEP using default parametersrrrc,tt|ttttddSrO)rrrar OAEPrr SHA1r"rr!r$ra z_RsaOaep.__init__rr!r!rr$rrrcr) _RsaOaep256 RSA-OAEP-256z.RSAES OAEP using SHA-256 and MGF1 with SHA-256rrrcrrO)rrrar rrr rr"rr!r$rarz_RsaOaep256.__init__rr!r!rr$rrrc@0eZdZdZddZddZddZdd ZdS) _AesKwNcC t|_dSrOrr^r"r!r!r$rar9z_AesKw.__init__cC\t|ts td|ddkrtd|dt||}t||jkr,t|jt||SNrrr rrr;rrrhr8r(rr#rSoprr!r!r$_get_key  z_AesKw._get_keycCs0||d}|s t|}t||t}||dS)Nrr)rr>rrrr!r!r$rs  z _AesKw.wrapcCs8||d}t||t}t||krt|t||S)Nr)rrrr8rrr!r!r$rs  z _AesKw.unwrapr.r/r0r(rarrrr!r!r!r$rs  rc@r)_A128KWA128KWzAES Key Wrap using 128-bit keyrrNrr!r!r!r$rrrc@r)_A192KWA192KWzAES Key Wrap using 192-bit keyrrNrr!r!r!r$rrrc@r)_A256KWA256KWzAES Key Wrap using 256-bit keyrrrNrr!r!r!r$rrrc@r) _AesGcmKwNcCrrOrr"r!r!r$rar9z_AesGcmKw.__init__cCrrrrr!r!r$rrz_AesGcmKw._get_keyc Csv||d}|s t|}td}tt|t||jd}|}| || } |j } || t |t | ddS)Nr`rb)ivtag)rrheader) rr>rrAESrGCMr^ encryptorrdrirr) r#rSrrrrrcipherrrrr!r!r$rs z_AesGcmKw.wrapc Cs||d}d|vrtdt|d}d|vrtdt|d}tt|t|||jd}| } | || } t | |krKt |t | | S)Nrrz&Invalid Header, missing "iv" parameterrz'Invalid Header, missing "tag" parameterrb)rr;rrrrrrr^ decryptorrdrir8r) r#rSrrrrrrrrrr!r!r$rs    z_AesGcmKw.unwraprr!r!r!r$rs  rc@r) _A128GcmKw A128GCMKWz+Key wrapping with AES GCM using 128-bit keyrrrNrr!r!r!r$r+rrc@r) _A192GcmKw A192GCMKWz+Key wrapping with AES GCM using 192-bit keyrrrNrr!r!r!r$r4rrc@r) _A256GcmKw A256GCMKWz+Key wrapping with AES GCM using 256-bit keyrrrNrr!r!r!r$r =rr c@s8eZdZdZdZdZddZddZddZdd Z dS) _Pbes2HsAesKwNcCt|_tttd|_dSN)rrrrr^rrraeskwmapr"r!r!r$raLz_Pbes2HsAesKw.__init__c Cs|tkrtdt|tst|tr|}n |d}nt|}t|jdd|}|j dkr7t }n|j dkrAt }n|j dkrKt }ntdt|t|j|||jd}||} t| |jkrpt|jt| td d t| d S) NzInvalid p2c value, too largeutf8rrrzUnknown Hash Size) algorithmlengthsalt iterationsr^rencrusek)default_max_pbkdf2_iterationsr;rrbytesencoderrhr%hashsizer rrrrr:r(r^deriver8rr5r) r#rrSp2sp2cplainrhashalgkdfrr!r!r$rPs,            z_Pbes2HsAesKw._get_keyc Csi}d|vrt|d}t|dkrtdn td}t||d<d|vr*|d}nd}||d<||d|||}|j|j} | ||||} t|dkrS|| d <| S) Nr r4z'Invalid Salt, must be 8 or more octectsrr!i rrr) rr5r;r>rrrr(r) r#rSrrr ret_headerr r!kekaeskwretr!r!r$ros$     z_Pbes2HsAesKw.wrapc Csfd|vrtdd|vrtdt|d}|d}||d|||}|j|j}|||||S)Nr z'Invalid Header, missing "p2s" parameterr!z'Invalid Header, missing "p2c" parameterr)r;rrrr(r) r#rSrrrr r!r&r'r!r!r$rs z_Pbes2HsAesKw.unwrap) r.r/r0r%r(rrarrrr!r!r!r$r Fs r c@$eZdZdZdZdZdZdZdZdS)_Pbes2Hs256A128KwPBES2-HS256+A128KWz-PBES2 with HMAC SHA-256 and "A128KW" wrappingrrrrN r.r/r0r%r'r(r)r*rr!r!r!r$r*r*c@r))_Pbes2Hs384A192KwPBES2-HS384+A192KWz-PBES2 with HMAC SHA-384 and "A192KW" wrappingrrrrNr,r!r!r!r$r.r-r.c@r))_Pbes2Hs512A256KwPBES2-HS512+A256KWz-PBES2 with HMAC SHA-512 and "A256KW" wrappingrrrrNr,r!r!r!r$r0r-r0c@s8eZdZdZdZdZdZdZddZdd Z d d Z d S) _Directdirz$Direct use of a shared symmetric keyrrrcCrrrrr!r!r$rrz_Direct._check_keycCsF|||r |dfSt|d}t||krt|t|d|iS)Nrr)rrrhr8r)r#rSrrrrr!r!r$rs  z _Direct.wrapcCsF|||dkr tdt|d}t||kr!t|t||S)NzInvalid Encryption Key.r)rr;rrhr8rrr!r!r$rs  z_Direct.unwrapN) r.r/r0r%r'r(r)r*rrrr!r!r!r$r2s r2c@sHeZdZdZdZdZdZdZddZdd Z d d Z d d Z ddZ dS)_EcdhEsECDH-ESzECDH-ES using Concat KDFrrNcCr r rr"r!r!r$rarz_EcdhEs.__init__cCsZt|ts td|ddvrtd|d|ddkr)|ddvr+td|ddSdS) Nrr)ECOKPz EC or OKPr8crv)X25519X448zX25519 or X448rrr!r!r$rs    z_EcdhEs._check_keyc Cstdt|}|t|d7}d|vrt|dnd}|tdt|7}||7}d|vr5t|dnd}|tdt|7}||7}|td|7}t|tjr\| t |} n| |} t t t|||jd} | | S)Nz>Irapur4apv)rr otherinfor^)structpackr5rrrrr EllipticCurvePrivateKeyexchangeECDHrr rr:r^r) r#privkeypubkeyrrrr>r<r= shared_keyckdfr!r!r$_derives$   z_EcdhEs._derivec Cs|||j}|jdur|durtd|d}|}n|d}tj|d|dd}||d|d|||}|jdurDd |i} n|j|j} td dt|d } | | |||} d t | i| d <| S)Nz"ECDH-ES cannot use an existing CEKrrrr9)rr9rrrrrepkr) rr(rrgeneraterHrhrrrr export_public) r#rSrrrdk_sizerrIdkr(r'r&r!r!r$r s(     z _EcdhEs.wrapc Csd|vrtd|||j}|jdur|d}|}n|d}td i|d}||d|d|||}|jdur?|S|j|j} tddt|d} | | |||} | S) NrIz'Invalid Header, missing "epk" parameterrrrrrrr!) r;rr(rrHrhrrr) r#rSrrrrLrrIrMr'r&rr!r!r$r$s&    z_EcdhEs.unwrap) r.r/r0r%r'r)r*r(rarrHrrr!r!r!r$r5s # r5c@r)_EcdhEsAes128KwECDH-ES+A128KWz.ECDH-ES using Concat KDF and "A128KW" wrappingrrrNrr!r!r!r$rN<rrNc@r)_EcdhEsAes192KwECDH-ES+A192KWz.ECDH-ES using Concat KDF and "A192KW" wrappingrrrNrr!r!r!r$rPErrPc@r)_EcdhEsAes256KwECDH-ES+A256KWz.ECDH-ES using Concat KDF and "A256KW" wrappingrrrNrr!r!r!r$rRNrrRc@s0eZdZdZdZdZdZdZddZdd Z dS) _EdDsaEdDSAz'EdDSA using Ed25519 or Ed448 algorithmsrrNcCs$|ddvr|d}||St)Nr9Ed25519Ed448rU)rhrUrQrqr!r!r$rU_s   z _EdDsa.signcCs&|ddvr|d}|||St)Nr9rVrY)rhrYrQrrr!r!r$rYes   z _EdDsa.verify) r.r/r0r%r'r)r*r(rUrYr!r!r!r$rTWs rTc@rL)_RawJWEcCrNrOrP)r#raadmr!r!r$rnrVz_RawJWE.encryptcCrNrOrP)r#rrZrrFtr!r!r$rqrVz_RawJWE.decryptN)r.r/r0rrr!r!r!r$rYlr[rYc@r) _AesCbcHmacSha2NcCs(t|_||_tjj|_|jd|_dS)Nr@) rr^r_rr block_size blocksizer(r+r`r!r!r$rays z_AesCbcHmacSha2.__init__cCsdtt|d}tj||j|jd}|||||||||}|dt|j S)N@rb) rHr8r rcr_r^rdrir:r()r#rrZrrFalrer[r!r!r$_macs    z_AesCbcHmacSha2._macc Cst|t|jkr td|dt|j}|t|jd}t|j}tt |t ||j d}| }t|j} | || } || |} ||||| } || | fS) Encrypt according to the selected encryption and hashing functions. :param k: Encryption key :param aad: Additional Authentication Data :param m: Plaintext Returns a dictionary with the computed data. Invalid input key sizeNrb)r5r:r+r;r(r>r_rrrrCBCr^rrpadderrdrirb) r#rrZr[hkeyekeyrrrrf padded_datarFr\r!r!r$rs   z_AesCbcHmacSha2.encryptc Cst|t|jkr td|dt|j}|t|jd}t||||||s/tdt t |t ||jd}|} | || } t|j} | | | S)A Decrypt according to the selected encryption and hashing functions. :param k: Encryption key :param aad: Additional Authenticated Data :param iv: Initialization Vector :param e: Ciphertext :param t: Authentication Tag Returns plaintext or raises an error rdNzFailed to verify MACrb)r5r:r+r;r(rbytes_eqrbrrrrrrer^rrdrirr_unpadder) r#rrZrrFr\rgdkeyrrdrlr!r!r$rs z_AesCbcHmacSha2.decrypt)r.r/r0r(rarbrrr!r!r!r$r]us  r]c0eZdZdZdZdZdZdZfddZZ S) _A128CbcHs256 A128CBC-HS256z&AES_128_CBC_HMAC_SHA_256 authenticatedrrcrrO)rrprar rr"rr!r$rarz_A128CbcHs256.__init__rr!r!rr$rprrpcro) _A192CbcHs384 A192CBC-HS384z&AES_192_CBC_HMAC_SHA_384 authenticatedrrcrrO)rrrrar rr"rr!r$rarz_A192CbcHs384.__init__rr!r!rr$rrrrrcro) _A256CbcHs512 A256CBC-HS512z&AES_256_CBC_HMAC_SHA_512 authenticatedrrcrrO)rrtrar rr"rr!r$rarz_A256CbcHs512.__init__rr!r!rr$rtrrtc@s(eZdZdZddZddZddZdS)_AesGcmNcCst|_|j|_dSrO)rr^r(r+r"r!r!r$ras z_AesGcm.__init__cCsTtd}tt|t||jd}|}||| || }|||j fS)rcrrb) r>rrrrrr^rauthenticate_additional_datardrir)r#rrZr[rrrrFr!r!r$rs   z_AesGcm.encryptcCsBtt|t|||jd}|}||||| S)rjrb) rrrrrr^rrwrdri)r#rrZrrFr\rrr!r!r$rs   z_AesGcm.decrypt)r.r/r0r(rarrr!r!r!r$rvs  rvc@ eZdZdZdZdZdZdZdS)_A128GcmA128GCMzAES GCM using 128-bit keyrrNrr!r!r!r$ryrryc@rx)_A192GcmA192GCMzAES GCM using 192-bit keyrrNrr!r!r!r$r{!rr{c@rx)_A256GcmA256GCMzAES GCM using 256-bit keyrrNrr!r!r!r$r}*rr}cr)_BP256R1BP256R1zsECDSA using Brainpool256R1 curve and SHA-256 (unregistered, custom-defined in breach of IETF rules by gematik GmbH)rrrcr)NzBP-256)rrrar rr"rr!r$ra?rz_BP256R1.__init__rr!r!rr$r3rcr)_BP384R1BP384R1zsECDSA using Brainpool384R1 curve and SHA-384 (unregistered, custom-defined in breach of IETF rules by gematik GmbH)rrrcr)NzBP-384)rrrar rr"rr!r$raOrz_BP384R1.__init__rr!r!rr$rCrrcr)_BP512R1BP512R1zsECDSA using Brainpool512R1 curve and SHA-512 (unregistered, custom-defined in breach of IETF rules by gematik GmbH)rrrcr)NzBP-512)rrrar rr"rr!r$ra_rz_BP512R1.__init__rr!r!rr$rSrrc @s*eZdZdZidededededede de d e d e d e d ed edededededeidededededededededededede de!d e"d!e#d"e$d#e%e&e'e(e)e*e+e,d$Z-e.d.d&d'Z/e.d(d)Z0e.d*d+Z1e.d,d-Z2d%S)/JWAzSJWA Signing Algorithms. This class provides access to all JWA algorithms. rrrrrrrrrrrrrrrrrrrrr3r6rOrQrSrUrrr r+r/r1rqrs)rurzr|r~rrrNcCs&|j|}|dur|j|krt|SrO)algorithms_registryr*KeyError)clsr%rrr!r!r$instantiate_algs zJWA.instantiate_algcC.z|j|ddWStytd|dw)Nrrz(%s is not a valid Signing algorithm namerrrrr%r!r!r$ signing_alg zJWA.signing_algcCr)Nrrz/%s is not a valid Key Management algorithm namerrr!r!r$ keymgmt_algrzJWA.keymgmt_algcCr)Nrrz+%s is not a valid Encryption algorithm namerrr!r!r$encryption_algrzJWA.encryption_algrO)3r.r/r0__doc__rrrrrrrrrrrrrrrrrrrrr2r5rNrPrRrTrrr r*r.r0rprrrtryr{r}rrrr classmethodrrrrr!r!r!r$rcs      !"#,   r)kr<r?abcrrbinasciirrcryptography.exceptionsrcryptography.hazmat.backendsrcryptography.hazmat.primitivesrr r )cryptography.hazmat.primitives.asymmetricr r r ry&cryptography.hazmat.primitives.ciphersrrr,cryptography.hazmat.primitives.kdf.concatkdfr)cryptography.hazmat.primitives.kdf.pbkdf2r&cryptography.hazmat.primitives.keywraprr&cryptography.hazmat.primitives.paddingrjwcrypto.commonrrrrrrrr jwcrypto.jwkrrrr8r:r>rHrKrMr]rmrtrrrrrrrrrrrrrrrrrrrrrrrrrrrr r r*r.r0r2r5rNrPrRrTrYr]rprrrtrvryr{r}rrrrr!r!r!r$s               $              #   4   L   !k    Q   .