HEX
Server: Apache/2.4.52 (Ubuntu)
System: Linux spn-python 5.15.0-89-generic #99-Ubuntu SMP Mon Oct 30 20:42:41 UTC 2023 x86_64
User: arjun (1000)
PHP: 8.1.2-1ubuntu2.20
Disabled: NONE
$ pwd: /home/arjun/projects/env/lib/python3.10/site-packages/dns/__pycache__/
Upload Files
File: //home/arjun/projects/env/lib/python3.10/site-packages/dns/__pycache__/tsig.cpython-310.pyc
o

!we�,�@s�dZddlZddlZddlZddlZddlZddlZddlZddl	ZGdd�dej
j�ZGdd�dej
j�Z
Gdd�dej
j�ZGd	d
�d
ej
j�ZGdd�dej
j�ZGd
d�de�ZGdd�de�ZGdd�de�ZGdd�de�Zej�d�Zej�d�Zej�d�Zej�d�Zej�d�Zej�d�Zej�d�Zej�d�Zej�d�Zej�d�Z eZ!eded ed!ed"ed#ed$ed%ed!ed"e d&i
Z"Gd'd(�d(�Z#Gd)d*�d*�Z$Gd+d,�d,�Z%d:d-d.�Z&d/d0�Z'd;d2d3�Z(	1d<d4d5�Z)d6d7�Z*Gd8d9�d9�Z+dS)=zDNS TSIG support.�Nc@�eZdZdZdS)�BadTimez8The current time is not within the TSIG's validity time.N��__name__�
__module__�__qualname__�__doc__�r	r	�A/home/arjun/projects/env/lib/python3.10/site-packages/dns/tsig.pyr�rc@r)�BadSignaturez#The TSIG signature fails to verify.Nrr	r	r	r
r$rrc@r)�BadKeyz2The TSIG record owner name does not match the key.Nrr	r	r	r
r
)rr
c@r)�BadAlgorithmz*The TSIG algorithm does not match the key.Nrr	r	r	r
r.rrc@r)�	PeerErrorz;Base class for all TSIG errors generated by the remote peerNrr	r	r	r
r3rrc@r)�
PeerBadKeyz$The peer didn't know the key we usedNrr	r	r	r
r8rrc@r)�PeerBadSignaturez*The peer didn't like the signature we sentNrr	r	r	r
r=rrc@r)�PeerBadTimez%The peer didn't like the time we sentNrr	r	r	r
rBrrc@r)�PeerBadTruncationz=The peer didn't like amount of truncation in the TSIG we sentNrr	r	r	r
rGrrzHMAC-MD5.SIG-ALG.REG.INTz	hmac-sha1zhmac-sha224zhmac-sha256zhmac-sha256-128zhmac-sha384zhmac-sha384-192zhmac-sha512zhmac-sha512-256�gss-tsig��� ��0��@�c@s0eZdZdZdd�Zdd�Zdd�Zdd	�Zd
S)�GSSTSigaG
    GSS-TSIG TSIG implementation.  This uses the GSS-API context established
    in the TKEY message handshake to sign messages using GSS-API message
    integrity codes, per the RFC.

    In order to avoid a direct GSSAPI dependency, the keyring holds a ref
    to the GSSAPI object required, rather than the key itself.
    cCs||_d|_d|_dS)N�r)�gssapi_context�data�name)�selfrr	r	r
�__init__ss
zGSSTSig.__init__cCs|j|7_dS�N)r �r"r r	r	r
�updatexszGSSTSig.updatecCs|j�|j�Sr$)r�
get_signaturer )r"r	r	r
�sign{szGSSTSig.signcCs&z	|j�|j|�WStyt�wr$)r�verify_signaturer �	Exceptionr)r"�expectedr	r	r
�verifys
�zGSSTSig.verifyN)rrrrr#r&r(r,r	r	r	r
ris	rc@s(eZdZdd�Zdd�Zedd��ZdS)�GSSTSigAdaptercCs
||_dSr$)�keyring)r"r.r	r	r
r#�s
zGSSTSigAdapter.__init__cCsB||jvr|j|}t|t�r|jtkr|rt�|||�|SdSr$)r.�
isinstance�Key�	algorithm�GSS_TSIGr-�parse_tkey_and_step)r"�message�keyname�keyr	r	r
�__call__�s

zGSSTSigAdapter.__call__cCsVz |�|j|tjjtjj�}|r|dj}|j}|�	|�WSWdSt
y*YdSw)Nr)�
find_rrset�answer�dns�
rdataclass�ANY�	rdatatype�TKEYr6�secret�step�KeyError)�clsr6r4r5�rrset�tokenrr	r	r
r3�s�
��z"GSSTSigAdapter.parse_tkey_and_stepN)rrrr#r7�classmethodr3r	r	r	r
r-�s

r-c@sveZdZdZeejeeje	ej
eej
dfeej
eej
dfeejeejdfeeji	Zdd�Zdd�Zd	d
�Zdd�Zd
S)�HMACTSigzo
    HMAC TSIG implementation.  This uses the HMAC python module to handle the
    sign/verify operations.
    r��cCs�z|j|}Wntytd|�d���wt|t�r,tj||dd�|_|d|_ntj||d�|_d|_|jj	|_	|jrL|j	d|j��7_	dSdS)NzTSIG algorithm z is not supportedr)�	digestmod��-)
�_hashesrA�NotImplementedErrorr/�tuple�hmac�new�hmac_context�sizer!)r"r6r1�hashinfor	r	r
r#�s�

�zHMACTSig.__init__cCs|j�|�Sr$)rQr&r%r	r	r
r&�szHMACTSig.updatecCs&|j��}|jr|d|jd�}|S)N�)rQ�digestrR)r"rUr	r	r
r(�s
z
HMACTSig.signcCs|��}t�||�st�dSr$)r(rO�compare_digestr)r"r+�macr	r	r
r,�s�zHMACTSig.verifyN)rrrr�	HMAC_SHA1�hashlib�sha1�HMAC_SHA224�sha224�HMAC_SHA256�sha256�HMAC_SHA256_128�HMAC_SHA384�sha384�HMAC_SHA384_192�HMAC_SHA512�sha512�HMAC_SHA512_256�HMAC_MD5�md5rLr#r&r(r,r	r	r	r
rF�s 


�rFcCs0|o|}|rt|�}|r|�t�dt|���|�|�|�t�d|j��|�|dd��|rN|�|j���|�t�dtj	j
��|�t�dd��|durU|j}|d?d@}|d@}	t�d	||	|j�}
t|j
�}|dkrutd
��|r�|�|j��|
�|�t�d|j|�|j
�|S|�|
�|S)z�Return a context containing the TSIG rdata for the input parameters
    @rtype: dns.tsig.HMACTSig or dns.tsig.GSSTSig object
    @raises ValueError: I{other_data} is too long
    @raises NotImplementedError: I{algorithm} is not supported
    �!H�Nz!Irri��l��z!HIHz TSIG Other Data is > 65535 bytesz!HH)�get_contextr&�struct�pack�len�original_idr!�
to_digestabler:r;r<�time_signed�fudge�other�
ValueErrorr1�error)�wirer6�rdata�time�request_mac�ctx�multi�first�
upper_time�
lower_time�time_encoded�	other_lenr	r	r
�_digest�s4



�r�cCs4|rt|�}|�t�dt|���|�|�|SdS)z�If this is the first message in a multi-message sequence,
    start a new context.
    @rtype: dns.tsig.HMACTSig or dns.tsig.GSSTSig object
    rhN)rjr&rkrlrm)r6rWrzryr	r	r
�_maybe_start_digest�s
r�Fc	Cs:t|||||||�}|��}|j||d�}|t|||�fS)a~Return a (tsig_rdata, mac, ctx) tuple containing the HMAC TSIG rdata
    for the input parameters, the HMAC MAC calculated by applying the
    TSIG signature algorithm, and the TSIG digest context.
    @rtype: (string, dns.tsig.HMACTSig or dns.tsig.GSSTSig object)
    @raises ValueError: I{other_data} is too long
    @raises NotImplementedError: I{algorithm} is not supported
    )rprW)r�r(�replacer�)	rur6rvrwrxryrzrW�tsigr	r	r
r(
s	r(c	Cst�d|dd��\}	|	dkrtjj�|	d8}	|dd�t�d|	�|d|�}
|jdkrY|jtjjkr7t	�|jtjj
kr@t�|jtjjkrIt
�|jtjjkrRt�td|j��t|j|�|jkret�|j|krlt�|j|jkrtt�t|
||d|||�}|�|j�t||j|�S)aFValidate the specified TSIG rdata against the other input parameters.

    @raises FormError: The TSIG is badly formed.
    @raises BadTime: There is too much time skew between the client and the
    server.
    @raises BadSignature: The TSIG signature did not validate
    @rtype: dns.tsig.HMACTSig or dns.tsig.GSSTSig objectrh�
�rrJzunknown TSIG error code %dN)rk�unpackr:�	exception�	FormErrorrlrt�rcode�BADSIGr�BADKEYr�BADTIMEr�BADTRUNCrr�absrprqrr!r
r1rr�r,rWr�)rur6�ownerrv�nowrx�
tsig_startryrz�adcount�new_wirer	r	r
�validates0$

r�cCs"|jtkr
t|j�St|j|j�S)z�Returns an HMAC context for the specified key.

    @rtype: HMAC context
    @raises NotImplementedError: I{algorithm} is not supported
    )r1r2rr?rF)r6r	r	r
rjCs

rjc@s(eZdZefdd�Zdd�Zdd�ZdS)r0cCsZt|t�rtj�|�}||_t|t�rt�|���}||_t|t�r(tj�|�}||_	dSr$)
r/�strr:r!�	from_text�base64�decodebytes�encoder?r1)r"r!r?r1r	r	r
r#Qs



zKey.__init__cCs.t|t�o|j|jko|j|jko|j|jkSr$)r/r0r!r?r1)r"rrr	r	r
�__eq__\s

�
�
�z
Key.__eq__cCsNd|j�d�d|j�d�}|jtkr!|dt�|j����d�7}|d7}|S)Nz<DNS key name='z', zalgorithm='�'z
, secret='�>)r!r1r2r��	b64encoder?�decode)r"�rr	r	r
�__repr__ds

zKey.__repr__N)rrr�default_algorithmr#r�r�r	r	r	r
r0Psr0)NNNN)NNNF)NF),rr�rYrOrk�
dns.exceptionr:�dns.name�	dns.rcode�dns.rdataclassr��DNSExceptionrrr
rrrrrrr!r�rfrXr[r]r_r`rbrcrer2r��	mac_sizesrr-rFr�r�r(r�rjr0r	r	r	r
�<module>sd� 
4#

�&
@ Telegram