a hW@sddlZddlZddlmZmZddlmZddlmZddl m Z ddl m Z m Z mZmZmZmZmZmZmZmZmZmZmZddlmZddlmZdd lmZmZm Z m!Z!m"Z"m#Z#m$Z$eGd d d eZ%eGd d d eZ&ddZ'Gddde(Z)dZ*dZ+ddZ,ddZ-GdddZ.dRddZ/ddZ0GdddZ1d d!Z2Gd"d#d#Z3d$d%Z4d&d'Z5d(d)Z6d*d+Z7d,d-Z8d.d/Z9d0d1Z:d2d3Z;d4d5Zd:d;Z?dZAd?ZBd@ZCd>ZAdAZDdBZEdCZFdDZGdEZHdFZIdGZJdHZKdIZLdJdKZMdLdMZNdNdOZOdPdQZPdS)SN)IntEnumuniquewraps) attrgetter)urandom) in_table_a1 in_table_b1 in_table_c12in_table_c21_c22 in_table_c3 in_table_c4 in_table_c5 in_table_c6 in_table_c7 in_table_c8 in_table_c9 in_table_d1 in_table_d2)uuid4) Certificate)b64decb64enchhihmacuencxorc@seZdZdZdZdZdZdS) ClientStageN)__name__ __module__ __qualname__get_client_firstset_server_firstget_client_finalset_server_finalr*r*F/var/www/html/efn/efnconsultor/selenium/selenium-4.34.2/scramp/core.pyr src@seZdZdZdZdZdZdS) ServerStagerr r!r"N)r#r$r%set_client_firstget_server_firstset_client_finalget_server_finalr*r*r*r+r,(sr,cCsd|dur(|dkr`td|djdn8|dkr:tdn&||dkr`td||djddS)Nrz The method z must be called first.r"z1The authentication sequence has already finished.z The next method to be called is z, not this method.)ScramExceptionname)ZStagesZ current_stage next_stager*r*r+ _check_stage0s   r4cs*eZdZdfdd ZfddZZS)r1Ncst|||_dSN)super__init__ server_error)selfmessager8 __class__r*r+r7>s zScramException.__init__cs(|jdurdn d|j}t|S)Nz: )r8r6__str__)r9Zs_strr;r*r+r>BszScramException.__str__)N)r#r$r%r7r> __classcell__r*r*r;r+r1=sr1z SCRAM-SHA-1zSCRAM-SHA-1-PLUS SCRAM-SHA-256zSCRAM-SHA-256-PLUSz SCRAM-SHA-512zSCRAM-SHA-512-PLUSzSCRAM-SHA3-512zSCRAM-SHA3-512-PLUS)tls-server-end-point tls-uniqueztls-unique-for-telnetc Cs|dkr||S|dkr|jdd}t|}|j}|dvrBd}zt||}Wn8ty}z td|d|WYd}~n d}~00| Std |d dS) NrCrBT)Z binary_form)md5sha1sha256zHash algorithm z not supported by hashlib. zChannel binding name z not recognized.) Zget_channel_bindingZ getpeercertrload hash_algohashlibnew ValueErrorr1digest)r2 ssl_socketZcert_binZcertrHZhash_objer*r*r+ _make_cb_dataZs    rOcCs|t||fSr5)rO)r2rMr*r*r+make_channel_bindingtsrPc @seZdZejdddfejdddfejdddfejdddfejdddfejddd fejdd d fejdd d fd ZdddZ dddZ ddZ dddZ dS)ScramMechanismFirTrr r!r"i'r@rAcCsB|tvrtd|dtd||_|j|\|_|_|_|_dS)NzThe mechanism name 'z1' is not supported. The supported mechanisms are .) MECHANISMSr1r2 MECH_LOOKUPhf use_bindingiteration_countstrengthr9 mechanismr*r*r+r7szScramMechanism.__init__NcCs2|dur|j}t|j|||d\}}}||||fS)N)salt)rZ_make_auth_inforX)r9passwordrZr^ stored_key server_keyr*r*r+make_auth_infos  zScramMechanism.make_auth_infocCst|j|\}}}||fSr5)_c_key_stored_key_s_keyrX)r9salted_password_rarbr*r*r+make_stored_server_keyssz&ScramMechanism.make_stored_server_keyscCst||||dS)N)channel_bindings_nonce) ScramServer)r9auth_fnrhrir*r*r+ make_serverszScramMechanism.make_server)rA)NN)NN) r#r$r%rIrErFsha512sha3_512rWr7rcrgrlr*r*r*r+rQxs          rQcCs8|durtd}t||||}t||\}}}|||fS)N)r_make_salted_passwordrd)rXr`ir^rerfrarbr*r*r+r_s r_cCs`|dur dSt|tstdt|dkr2td|\}}|tvrJtdt|ts\tddS)Nz=The channel_binding parameter must either be None or a tuple.r zZThe channel_binding parameter must either be None or a tuple of two elements (type, data).zThe channel_binding parameter must either be None or a tuple with the first element a str specifying one of the channel types {CHANNEL_TYPES}.z}The channel_binding parameter must either be None or a tuple with the second element a bytes object containing the bind data.) isinstancetupler1len CHANNEL_TYPESbytes)rh channel_typeZ channel_datar*r*r+_validate_channel_bindings&   rxc@s>eZdZdddZddZddZdd Zd d Zd d ZdS) ScramClientNc st|ttfstdtdd|D}fdd|D}t|dkrXtd|t|tdd d }|j|j |_|_ |j |_ |durt n||_ ||_||_|_d|_dS) NzFThe 'mechanisms' parameter must be a list or tuple of mechanism names.css|]}t|VqdSr5)rQ.0mr*r*r+ z'ScramClient.__init__..csg|]}dur|js|qSr5)rYrzrhr*r+ r~z(ScramClient.__init__..rz7There are no suitable mechanisms in the list provided: r[)key)rrlistrsr1rxrtsortedrrXrYr2mechanism_name _make_noncec_nonceusernamer`rhstage) r9 mechanismsrr`rhrmsZmechsmechr*rr+r7s& zScramClient.__init__cCstt|j|||_dSr5)r4rrr9r3r*r*r+ _set_stageszScramClient._set_stagecCs,|tjt|j|j|j|j\|_}|Sr5) rrr&_get_client_firstrrrhrYclient_first_bare)r9 client_firstr*r*r+r&s   zScramClient.get_client_firstcCs.|tj||_t||j\|_|_|_dSr5) rrr' server_first_set_server_firstrnoncer^ iterationsr9r:r*r*r+r's  zScramClient.set_server_firstc Cs@|tjt|j|j|j|j|j|j |j |j |j \|_ }|Sr5)rrr(_get_client_finalrXr`r^rrrrrhrYserver_signature)r9Zcfinalr*r*r+r(s  zScramClient.get_client_finalcCs|tjt||jdSr5)rrr)_set_server_finalrrr*r*r+r)s zScramClient.set_server_final)NN) r#r$r%r7rr&r'r(r)r*r*r*r+rys rycstfdd}|S)Nc s`z|g|Ri|WStyZ}z*|jdurB|j|_tj|_|WYd}~n d}~00dSr5)r1r8errorr,r/r)r9argskwdsrNfr*r+wrapper s zset_error..wrapperr)rrr*rr+ set_error s rc@sVeZdZdddZddZddZedd Zed d Zed d Z eddZ dS)rjNcCsHt|||_|durtn||_||_d|_d|_d|_||dSr5) rxrhrrirkrrr_set_mechanism)r9r]rkrhrir*r*r+r7szScramServer.__init__cCs"|jr|jdurtd||_dS)NzMThe mechanism requires channel binding, and so channel_binding can't be None.)rYrhr1r|r\r*r*r+r's zScramServer._set_mechanismcCstt|j|||_dSr5)r4r,rrr*r*r+r/szScramServer._set_stagecCsx|tjt||j|j|jj\|_|_ |_ }|rPt |jj d}| |||j \}|_|_|_t||_dS)Nz-PLUS)rr,r-_set_client_firstrirhr|rYruserrrQr2rrkrarbrqrr^)r9rupgrade_mechanismrr^r*r*r+r-3s  zScramServer.set_client_firstcCs&|tjt|j|j|j|_|jSr5)rr,r._get_server_firstrr^rqrr9r*r*r+r.Fs zScramServer.get_server_firstc Cs>|tjt|jj||j|j|j|j |j |j |jj |_ dSr5)rr,r/_set_client_finalr|rXrirarbrrrhrYr)r9 client_finalr*r*r+r/Ps zScramServer.set_client_finalcCs|tjt|j|jSr5)rr,r0_get_server_finalrrrr*r*r+r0_s zScramServer.get_server_final)NN) r#r$r%r7rrrr-r.r/r0r*r*r*r+rjs    rjcCsttddS)N-r=)strrreplacer*r*r*r+resrcCs|||f}td|S)N,)rjoin)rrclient_final_without_proofmsgr*r*r+_make_auth_messageis rcCst|tt|||Sr5)rrsaslprep)rXr`r^rr*r*r+rpnsrpcCs,t||d}t||}t||d}|||fS)Ns Client Keys Server Key)rr)rXre client_keyrarbr*r*r+rdrs   rdcCs:t|||}t|t|}t||}||kr6tdtdS)NzThe client keys don't match.)rrrrr1SERVER_ERROR_INVALID_PROOF)rXraauth_msgproofclient_signaturerrr*r*r+_check_client_keyzs   rcCs0|dur dS|r(|\}}dd|dfSdSdS)N)nzn,,pzp=z,,)yzy,,r*)rhrYrwrfr*r*r+_make_gs2_headers rcCsPt||\}}|d}|dvr$|S|dkr<|\}}||Std|ddS)Nascii)rrrzThe gs2_cbind_flag 'z' is not recognized)rencoder1)rhrYgs2_cbind_flag gs2_headerZgs2_header_binrfZ cbind_datar*r*r+_make_cbind_inputs rcGsi}|dD]B}t|dks*|ddkrtdtdS)Nz server finalvrNrz#The server signature doesn't match.)rr1r)r:rrr*r*r+rts rc Csddd|D}td|}|s(dSt}||drT||dsNtdtt}n|}|D]}t|rpJdt|rJd t d ft d ft d ft d ft dftdftdftdftdf|dff D]\}}||rt|tqq\|S)Nr=css&|]}t|st|rdn|VqdS) N)r r )r{rr*r*r+r}r~zsaslprep..NFKCrrzmalformed bidi sequencez$failed to strip B.1 in mapping stagez(failed to replace C.1.2 in mapping stagez unassigned code points forbiddenzcontrol characters forbiddenz private use characters forbiddenznon-char code points forbiddenzsurrogate codes forbiddenznon-plaintext chars forbiddenznon-canonical chars forbiddenz,display-modifying/deprecated chars forbiddenztagged characters forbiddenzforbidden bidi character)r unicodedata normalizerr1SERVER_ERROR_INVALID_ENCODINGrr r rr r r rrrrr)sourcedataZ is_ral_charZis_forbidden_bidi_charrrrr*r*r+rs:     r)N)QrIrenumrr functoolsroperatorrosrZ stringpreprr r r r r rrrrrrruuidrZasn1crypto.x509rZ scramp.utilsrrrrrrrrr,r4 Exceptionr1rVrurOrPrQr_rxryrrjrrrprdrrrrrrrrrrZ%SERVER_ERROR_EXTENSIONS_NOT_SUPPORTEDrrrZ4SERVER_ERROR_SERVER_DOES_NOT_SUPPORT_CHANNEL_BINDINGrrZSERVER_ERROR_UNKNOWN_USERrZSERVER_ERROR_NO_RESOURCESrrrrrr*r*r*r+sp   <  $   , BK    G%