5da dZddlmZddlmZmZddlmZmZddlm Z m Z ddl m Z m Z ddlmZddlmZd Zeeeeeeeed gZd d gZGd deZGddeZGddeZ GddeZ!dZ"dZ#dZ$GddZ%Gdde%ej&Z'Gdde%ej(Z)d^d"Z*eZ+d_d$Z,d`d&Z-dad(Z.dbd*Z/eZ0dcd,Z1Gd-d.e Z2ddd0Z3ded3Z4dfd6Z5dgd9Z6e+Z7dhd;Z8did>Z9djd@Z:dkdBZ;e7ZeZ?dndHZ@dodJZAeZBdpdLZCeZDdqdOZEdrdRZFe0ZGdsdUZHdtdWZIdXZJdYZKdud\ZLd]ZMd S)va This module contains functions that provide format validation, serialization, and some key transformations for the pyca/cryptography library. These are used across conda_content_trust modules. Function Manifest for this Module, by Category Encoding: x canonserialize Formats and Validation: PrivateKey -- extends cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey PublicKey -- extends cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey checkformat_string x is_hex_string x is_hex_signature r is_hex_key r checkformat_hex_key r checkformat_list_of_hex_keys x is_signable x checkformat_byteslike x checkformat_natural_int x checkformat_expiration_distance x checkformat_utc_isoformat x checkformat_gpg_fingerprint is_gpg_fingerprint x checkformat_gpg_signature is_gpg_signature checkformat_any_signature checkformat_delegation checkformat_delegations checkformat_delegating_metadata x iso8601_time_plus_delta Crypto Utility: x sha512256 x keyfiles_to_keys x keyfiles_to_bytes Exceptions: CCT_Error SignatureError MetadataVerificationError UnknownRoleError ) annotations)hexlify unhexlify)datetime timedelta)dumpsload)AnyProtocol) serialization)ed25519z0.6.0Nrootkey_mgrceZdZdZdS) CCT_Errorz All errors we raise that are not ValueErrors, TypeErrors, or certain errors from securesystemslib should be instances of this class or of subclasses of this class. N__name__ __module__ __qualname____doc__:lib/python3.11/site-packages/conda_content_trust/common.pyrrQrrceZdZdZdS)SignatureErrorzi Indicates that a signable cannot be verified due to issues with the signature(s) inside it. NrrrrrrYrrceZdZdZdS)MetadataVerificationErrorz Indicates that a chain of authority metadata cannot be verified (e.g. a metadata update is found on the repository, but could not be authenticated). Nrrrrrr`rrrceZdZdZdS)UnknownRoleErrorzs Indicates that a piece of role metadata (like root.json, or key_mgr.json) was expected but not found. Nrrrrr!r!hrrr!cr t|dd}n#t$rwxYw|dS)u Given a JSON-compatible object, does the following: - serializes the dictionary as utf-8-encoded JSON, lazy-canonicalized such that any dictionary keys in any dictionaries inside are sorted and indentation is used and set to 2 spaces (using json lib) TODO: ✅ Implement the serialization checks from serialization document. Note that if the provided object includes a dictionary that is *indexed* by both strings and integers, a TypeError will be raised complaining about comparing strings and integers during the sort. (Each dictionary in an object must be indexed only by strings or only by integers.) T)indent sort_keysutf-8)r TypeErrorencode)obj json_strings rcanonserializer+osS CT:::     g & &&s !ctt|d5}t|}dddn #1swxYwY|S)Nrb)openr )fnamefobjmetadatas rload_metadata_from_filer2sx eT  d:: Os -11ct|}t|d5}||ddddS#1swxYwYdS)zi Canonicalizes and serializes JSON-friendly metadata, and writes that to the given filename. wbN)r+r.write)r1filenamer0s rwrite_metadata_to_filer7sh''H h   8sAA AcTeZdZdZedZedZedZdS)MixinKeyz This is a mix-in (https://www.ianlewis.org/en/mixins-and-python) for the PrivateKey and PublicKey classes, specifically. It provides some convenience functions. clt||dS)Nr&)rto_bytesdecodeclskeys rto_hexzMixinKey.to_hexs*s||C(())00999rct|t|t|urdS||||kS)z Given Ed25519PrivateKey or Ed25519PublicKey objects, determines if the underlying key data is identical. F)checkformat_keytyper;)r>k1k2s ris_equivalent_tozMixinKey.is_equivalent_tosQ  88488 # #5||B3<<#3#333rct|t|}||}t||SN)checkformat_hex_keyr from_bytesrB)r>key_value_in_hexkey_value_in_bytes new_objects rfrom_hexzMixinKey.from_hexsH ,---&'788^^$677  ###rN)rrrr classmethodr@rFrNrrrr9r9so ::[:44[4[rr9cHeZdZdZedZefdZxZS) PrivateKeya  This class expands the class cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey very slightly, adding some functionality from MixinKey. Note on the sign() method: We preserve Ed25519PrivateKey's sign method unchanged. The sign() method is deterministic and does not depend at any point on the ability to generate random data (unlike the key generation). The returned value for sign() is a length 64 bytes() object, a raw ed25519 signature. c|tjjtjjtjS)N)encodingformatencryption_algorithm) private_bytesr EncodingRaw PrivateFormat NoEncryptionr=s rr;zPrivateKey.to_bytess=  "+/ .2!.!;!=!=!   rcdt|t|Sa Constructs an object of the class based on the given key value. The "cryptography" library provides from_public_bytes() and from_private_bytes() class methods for Ed25519PublicKey and Ed25519PrivateKey classes in place of constructors. We extend provide a single API for those, and make the created objects objects of the subclass using this mix-in. )checkformat_byteslikesuperfrom_private_bytesr>rL __class__s rrJzPrivateKey.from_bytess- 0111ww))*<===rrrrrrOr;rJ __classcell__ras@rrQrQsi    [  > > > >[ > > > > >rrQcHeZdZdZedZefdZxZS) PublicKeyz This class expands the class cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey very slightly, adding some functionality from MixinKey. We preserve Ed25519PublicKey's verify() method unchanged. cj|tjjtjjS)zi Pops out the nice, tidy bytes of a given ed25519 key object, public or private. ) public_bytesr rWrX PublicFormatr=s rr;zPublicKey.to_bytess-   " & (B(F   rcdt|t|Sr\)r]r^from_public_bytesr`s rrJzPublicKey.from_bytess- 0111ww(();<<= 1.)rrq)rs rcheckformat_natural_intrs2 ;;&&+//4555 rstringrcNt|tstd|S)NzExpecting a string)rrr')rs rcheckformat_stringrs( fc " ".,--- Mrexpiration_distancerct|ts,tdtt |z|S)NzLExpiration distance must be a datetime.timedelta object. Instead received a )rrr'rrC)rs rcheckformat_expiration_distancersN )9 5 5  "$'-@(A(A$B$B C   rHexKeycht|dt|krtd|S)N@zExpected a list of 64-character hex strings representing keys.z]The given list of keys in hex string form contains duplicates. Duplicates are not permitted.)rlistr'rIrrrq)rrs rcheckformat_list_of_hex_keysrs & - -  L   $%%G$$$$ 3 !!S)9%:%::: ,   r date_stringcp tj|dn#t$rtddwxYw|S)Nz%Y-%m-%dT%H:%M:%SZzThe provided string appears not to be a datetime string formatted as an ISO8601 UTC-specific datetime (e.g. "1999-12-31T23:59:59Z").)rstrptimerqr')rs rcheckformat_utc_isoformatrs]+';<<<<  '     s3gpg_fingerprintcV t|dS#ttf$rYdSwxYw)z True if the given value is a hex string of length 40 (representing a 20-byte SHA-1 value, which is what OpenPGP/GPG uses as a key fingerprint). TF)checkformat_gpg_fingerprintr'rqrs ris_gpg_fingerprintrsA #O444t z "uurtGPGFingerprintct|dkr"tdt|zdzt||r||krtd|S)z\ See is_gpg_fingerprint. Raises a TypeError if is_gpg_fingerprint is not True. (zThe given value, "z5", is not a full GPG fingerprint (40 hex characters).rw)rrqrrxryrzr{rs rrrs  ?r!! 3#7#7 7;3 3    MM/"""  " " $ $ (=(=(?(??(R(R S    r gpg_signaturecV t|dS#ttf$rYdSwxYw)NTF)checkformat_gpg_signaturerqr'rs ris_gpg_signaturersA!-000t  "uurt GPGSignaturect|ts/tdtt |zdzt t |ddggdfvrtdt|dstdt|dstdd |vrt|d |S) a Raises a TypeError if the given object is not a dictionary representing a signature in a format that we expect. This is similar to BUT NOT THE SAME AS that produced by securesystemslib.gpg.functions.create_signature(), conforming to securesystemslib.formats.GPG_SIGNATURE_SCHEMA. We use a slightly different format in order to include the raw ed25519 public key value. This is the format we expect for Root signatures. If the given object matches the format, returns silently. z@OpenPGP signatures objects must be dictionaries. Received type instead. other_headers signature)rsee_alsorzOpenPGP signature objects must include a "signature" and an "other_headers" entry, and may include a "see_also" entry. No other entries are permitted.zG"other_headers" entry in OpenPGP signature object must be a hex string.z"signature" entry in OpenPGP signature obj must be a hex string representing an ed25519 signature, 128 hex characters representing 64 bytes of data.r) rrr'rrCsortedrkeysrqrsrrrs rrr s' mT * *  $}--.. /1< =   d=%%''(()) +&2222 +   7 8 8  X    M+6 7 7  -   ]""#M*$=>>> rrcV t|dS#ttf$rYdSwxYw)a Returns True if signature_obj is a dictionary representing an ed25519 signature, either in the conda-content-trust normal format, or the format for a GPG signature. See conda_content_trust.common.checkformat_signature() docstring for more details. TF)checkformat_signaturer'rqrs r is_signaturer<sAi(((t z "uurt Signaturect|tstdd|vrt|dst dt |dkr|St |r|St d)ab Raises a TypeError if the given object is not a dictionary. Raises a ValueError if the given object is a dictionary, but is not in our generalized signature format (supports both raw ed25519 signatures OpenPGP/GPG signatures). If the given object matches the format, returns silently. The generalized signature format is: { (REQUIRED) 'signature': <64-byte value ed25519 signature, as 128 hex chars>, (GPG SIGS ONLY) 'other_headers': , (OPTIONAL) 'see_also': <40-hex-character SHA1 OpenPGP/GPG key identifier, for diagnostic purposes> } Examples: { 'signature': 'deadbeef'*32} # normal ed25519 signature (no OpenPGP) { 'signature': 'deadbeef'*32, # OpenPGP ed25519 signature 'other_headers': 'deadbeef'*??} # extra info OpenPGP insists on signing over { 'signature': 'deadbeef'*32, # OpenPGP ed25519 signature 'other_headers': 'deadbeef'*??, 'see_also': 'deadbeef'*10}} # listing an OpenPGP key fingerprint z*Expected a signature object, of type dict.rzExpected a dictionary representing an ed25519 signature as a 128-character hex string. This requires at least key "signature", with value a 128-character hexadecimal string representing a (64-byte) ed25519 signature.rzProvided signature does not have the correct format for a signature object (neither simple ed25519 sig nor OpenPGP ed25519 sig).)rrr'rrqrrrs rrrNs2 i & & DEEEY&&+;Ik= 1. pubkeys must be a list of hexadecimal representations of ed25519 public keys. Note that because drafts are allowed, we do not demand here that the list of pubkeys include enough keys to meet threshold. Not listing pubkeys yet is okay during writing, but when verifying metadata, one should not accept delegations with impossible-to-meet requirements (len(pubkeys) < threshold) zZDelegation information must be a dictionary specifying "pubkeys" and "threshold" elements. thresholdpubkeysrc,g|]}t|Sr)r).0ks r z*checkformat_delegation..s>>>1A>>>rzDelegation information must be a dictionary specifying exactly two elements: "pubkeys" (assigned a list of 64-character hex strings representing individual ed25519 public keys) and "threshold", assigned an integer >= 1.) rrr'rrallrqrr)rs rcheckformat_delegationrs j$ ' '  2   JK333 { #q ( ( z),d 3 3 ) >> 9(=>>> ? ? ) F   !I!6777J{3444 r delegationsdict[str, Delegation]ct|tstd|D]&}t|t ||'|S)a A dictionary specifying a delegation for any number of role names. Index: rolename. Value: delegation (see checkformat_delegation). e.g. { 'root.json': {'pubkeys': ['01'*32, '02'*32, '03'*32], # each is a lower-case hex string w/ length 64 'threshold': 2}, # integer >= 1 'channeler.json': {'pubkeys': ['04'*32], 'threshold': 1}} z"Delegations" information must be a dictionary indexed by role names, with values equal to dictionaries that each specify elements "pubkeys" and "threshold".)rrr'rr)rindexs rcheckformat_delegationsrsh k4 ( (  :   335!!!{512222 rr1DelegatingMetadatact||dD]}t|d||d}dD](}||vr"tdt|zdz)t |d|dt vrtd|dzdzt |d t |d t|d d |vrd |vrtd|ddkrd |vrtddt vsJd |vrt|d d |vrt|d dSdS)a Validates argument "metadata" as delegating metadata. Passes if it is, raises a TypeError or ValueError if it is not. The required format is a dictionary containing all contents of a delegating metadata file, like root.json or key_mgr.json. (This includes both the signatures portion and the signed contents portion, in the usual envelope -- see also checkformat_signable.) The required structure: { 'signatures': {}, # for each entry in the 'signatures' dict: # - the key must pass checkformat_hex_key # - the value must pass checkformat_signature() # or checkformat_gpg_signature() 'signed': { 'type': : # must match a string in SUPPORTED_DELEGATING_METADATA_TYPES (e.g. 'root') 'metadata_spec_version': , 'delegations': {}, # value must pass checkformat_delegations() 'expiration': , # date must pass checkformat_utc_isoformat() # The 'signed' dict must always include either a 'timestamp' entry, # a 'version' entry, or both. Further, in root metadata the # 'signed' dict must always include a 'version' entry (to support # root chaining). 'timestamp': , # if included, must pass checkformat_utc_isoformat() 'version': # if included, must pass checkformat_natural_int(), i.e. be an integer >= 1 } } e.g. { "signatures": { # 0 or more signatures over the signed contents : { "other_headers": "04001608001d162104f075dd2f6f4cb3bd76134bbb81b6ca16ef9cd58905025f0bf546", "signature": "ab3e03385f757da74e08b46f1bf82709fbc2ce21823c28e2f0e3452415e2a9f1e2c82e418cc44e2908618cf0c7375f32fe0a5a75494909a59a82875ebc703c02", }, ... }, "signed": { # signed contents "delegations": { "key_mgr.json": { "pubkeys": [ "013ddd714962866d12ba5bae273f14d48c89cf0773dee2dbf6d4561e521c83f7" ], "threshold": 1 }, "root.json": { "pubkeys": [ "bfbeb6554fca9558da7aa05c5e9952b7a1aa3995dede93f3bb89f0abecc7dc07" ], "threshold": 1 } }, "expiration": "2021-07-13T05:46:45Z", "metadata_spec_version": "0.1.0", "timestamp": "2020-07-13T05:46:45Z", "type": "root", "version": 1 } } rr)rCmetadata_spec_versionr expirationz Expected a "z)" entry in the given delegating metadata.rCzGiven type entry ("z<") is not one of the supported types of delegating metadata.rrr timestampversionzMAll metadata must include a "version" entry, or a "timestamp" entry, or both.rz.Root metadata must specify its version number.N) rcheckformat_any_signaturerqrr#SUPPORTED_DELEGATING_METADATA_TYPESrrr)r1rcontentsentrys rcheckformat_delegating_metadatarsB""" l #==!(<"8";<<<<!H    U+/''  ! x'(((BBB !HV$4 48A A   x 78999 H]3444h|4555(""y'@'@ *   6!!ix&?&?IJJJ 8 8 8 8 8h!(;"7888H 344444rSignature | GPGSignaturec`t|st|std|S)NzExpected either a hex string representing a raw ed25519 signature (see checkformat_signature) or a dictionary representing an OpenPGP/GPG signature (see checkformat_gpg_signature).)rrrqrs rrrEsA  " " +;I+F+F  /    rct|dzd5}|}dddn #1swxYwYt|dzd5}|}dddn #1swxYwY||fS)aZ Toy function. Import an ed25519 key pair, in the forms of raw public and raw private keys, from name.pub and name.pri respectively. Cavalier about private key bytes. Does not perform input validation ('/'...). Return the 32 bytes of the private key object and the 32 bytes of the public key object, in that order. z.prir-Nz.pub)r.read)namer0rVrhs rkeyfiles_to_bytesrQs dVmT " "$d $$$$$$$$$$$$$$$ dVmT " "#dyy{{ ############### , &&s599A44A8;A8ct|\}}t|}t|}||fS)a$ Doesn't perform input validation. Import an ed25519 key pair, in the forms of raw public key bytes and raw private key bytes, from name.pub and name.pri respectively. Cavalier about private key bytes. Return a private key object and public key object, in that order. )rrQrJrf)rrVrhprivatepublics rkeyfiles_to_keysresF#4D"9"9M<##M22G  ! !, / /F F?rr?4ed25519.Ed25519PublicKey | ed25519.Ed25519PrivateKeyct|tjtjfs/t dt t |zdz|S)z Enforces expectation that argument is an object of type cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey or cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey. zsExpected an Ed25519PublicKey or Ed25519PrivateKey object from the "cryptography" library. Received object of type r)rr Ed25519PublicKeyEd25519PrivateKeyr'rrC)r?s rrBrBus^ cG4g6OP Q Q  I$s))nn      Jrct|tjd|z}|dzS)a Applies a datetime.timedelta to the current time in UTC with microseconds stripped, then converts to ISO8601 format and appends a 'Z' indicating that it is UTC time, not local time. We only deal with UTC times! This is used for two purposes: - get current time in ISO8601 format, by passing in a 0 timedelta - get ISO8601 UTC timestamp for expiration dates regex for time: '^[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}Z$' r) microsecondZ)rrutcnowreplace isoformat)delta unix_expirys riso8601_time_plus_deltarsL$E***/##+++::UBK  " "S ((r)rlr rmrn)rlr rmru)r|r rmrn)rr rmrn)rr rmrn)rr rmr)rr rmr)rr rmr)rr rmr)rr rmr)rr rmr)rr rmr)rr rmr)rr rmrn)rr rmr)rr rmrn)rr rmr)rr rmrn)rr rmr)rr rmr)rr rmr)r1r rmr)rr rmr)r?r rmr)Nr __future__rbinasciirrrrjsonrr typingr r cryptography.hazmat.primitivesr )cryptography.hazmat.primitives.asymmetricr SECURITY_METADATA_SPEC_VERSIONrrtuplerrfloatrnrCrr Exceptionrrrr!r+r2r7r9rrQrrfrsrurprrrrrrr]rrrrrIrrrrrrrrrrrrrrrrrrrrBrrrrr s,,Z#"""""''''''''(((((((( 888888======") !%dE3UD$$t**U(.y&9# Y y'''6       D$>$>$>$>$>74$>$>$>N!=!=!=!=!='2!=!=!=\                                    *        6 0000f      5 5 5 5 p $$$$N2t5t5t5t5r    '''(    ")))))r