Sindbad~EG File Manager

Current Path : /usr/share/crypto-policies/python/cryptopolicies/__pycache__/
Upload File :
Current File : //usr/share/crypto-policies/python/cryptopolicies/__pycache__/cryptopolicies.cpython-36.pyc

3

."�dCB�@s6ddlZddlZddlZddlZddlZddlZddlmZddlmZdd�d<D�Z	dZ
d=Zd dhdddhdddhddhdddhdddhdddhdddhdddhdddhd!�
ZGd"d#�d#�Z
Gd$d%�d%ej�Zd&d'�Zejd(d>�Zd-d.�Zd?d0d1�ZGd2d3�d3e�Zd4d5�ZGd6d7�d7�Zd8d9�ZGd:d;�d;�ZdS)@�N�)�	alg_lists)�
validationcCsi|]
}d|�qS)r�)�.0�krr�C./usr/share/crypto-policies/python/cryptopolicies/cryptopolicies.py�
<dictcomp>sr	�arbitrary_dh_groups�min_dh_size�min_dsa_size�min_rsa_size�
sha1_in_certs�	ssh_certs�ssh_etm�*�tls�ssl�openssl�nss�gnutls�java-tls�ssh�openssh�openssh-server�openssh-client�libssh�ipsec�ike�	libreswan�kerberos�krb5�dnssec�bind)
r#rzjava-tlsr!rrrzopenssh-clientzopenssh-serverrc@s(eZdZefdd�Zdd�Zdd�ZdS)�
ScopeSelectorcCs�|j�|_}|jd�|_|jr&|n
|dd�}tjj||jd�tjj||jd�|jd�rr|dd�jd�n|g|_	tjj
|j	t|jd�dS)a=
        Initialize a scope selector.
        An example would be `ssh` in `ciphers@ssh = -NULL`.
        When openssh backend will request the configuration,
        it'll offer (`{'ssh', 'openssh'}`) as scopes
        and the rule above will be taken into account.
        Both patterns and scopes are cast to lowercase.
        For more examples, refer to tests/unit/parsing/test_scope_selector.py
        >>> ss = ScopeSelector('!{SSH,IPsec}')
        >>> ss.matches({'ipsec', 'libreswan'})
        False
        >>> ss.matches({'tls', 'openssl'})
        True
        �!rN)Zoriginal_pattern�{�,���)�lower�pattern�
startswith�	_positiver�scopeZillegal_charactersZcurly_brackets�split�_globsZresulting_globs�
ALL_SCOPES)�selfr*�prrr�__init__5s$zScopeSelector.__init__cCsdt|j��d�S)Nz<ScopeSelector pattern=�>)�reprr*)r1rrr�__str__PszScopeSelector.__str__csh|jtkrdSdd��D��tdd��D��s2t�|jrPt�fdd�|jD��St�fdd�|jD��S)aE
        Checks whether ScopeSelector matches one of the scopes.
        For more examples, refer to tests/unit/parsing/test_scope_selector.py
        >>> ScopeSelector('{SSH,IPsec}').matches({'ipsec', 'libreswan'})
        True
        >>> ScopeSelector('!{SSH,IPsec}').matches({'ipsec', 'libreswan'})
        False
        TcSsg|]}|j��qSr)r))r�srrr�
<listcomp>^sz)ScopeSelector.matches.<locals>.<listcomp>css|]}|tkVqdS)N)r0)rr7rrr�	<genexpr>_sz(ScopeSelector.matches.<locals>.<genexpr>c3s|]}tj�|�VqdS)N)�fnmatch�filter)r�g)�scopesrrr9asc3s|]}tj�|�VqdS)N)r:r;)rr<)r=rrr9bs)r*�	SCOPE_ANY�all�AssertionErrorr,�anyr/)r1r=r)r=r�matchesSs	
zScopeSelector.matchesN)�__name__�
__module__�__qualname__r>r3r6rBrrrrr$4sr$c@s$eZdZdZdZdZdZdZdZdS)�	OperationzM
    An operation that comes with the right-hand value of the directive.
    r����N)	rCrDrE�__doc__�RESET�PREPEND�APPEND�OMIT�SET_INTrrrrrFgsrFcs�dd��|j�rf�tjkr2�tkr2tjt|�fgS�tjkrJtjj	���qz�tjksXt
��tkszt
�n�tkrztjj���|j�}t
�fdd�|D��s�t�fdd�|D�g�}tjdfgdd�|D�St�fd	d�|D���r�g}x�|D]�}|jd
��r"tj�tj|dd���ddd�}n\|jd
��rTtj�tj|dd���ddd�}n*|jd��sdt
�tj�tj|dd���}|j�fd
d�|D��q�W|Stjj|��dS)a7
    Parses right-hand parts of the directives
    into lists of operation/value pairs.
    For more examples, refer to tests/unit/test_parsing.py
    >>> parse_rhs('', 'cipher')
    [(<Operation.RESET: 1>, None)]
    >>> parse_rhs('IDEA-CBC SEED-CBC', 'cipher')
    [(<Operation.RESET: 1>, None),
     (<Operation.APPEND: 3>, 'IDEA-CBC'),
     (<Operation.APPEND: 3>, 'SEED-CBC')]
    >>> # 3DES-CBC gets prepended last for higher prio
    >>> parse_rhs('+*DES-CBC', 'cipher')
    [(<Operation.PREPEND: 2>, 'DES-CBC'),
     (<Operation.PREPEND: 2>, '3DES-CBC')]
    cSs|jd�p|jd�p|jd�S)N�+�-)r+�endswith)�vrrr�differential�szparse_rhs.<locals>.differentialc3s|]}�|�VqdS)Nr)rrT)rUrrr9�szparse_rhs.<locals>.<genexpr>csg|]}tj|���qSr)r�glob)rrT)�	prop_namerrr8�szparse_rhs.<locals>.<listcomp>NcSsg|]}tj|f�qSr)rFrN)rrTrrrr8�sc3s|]}�|�VqdS)Nr)rrT)rUrrr9�srQrrRcsg|]}�|f�qSrr)rrT)�oprrr8�sr(r(r()�isdigitr�ALL�INT_DEFAULTSrFrP�intr�rulesZNonIntPropertyIntValueErrorr@ZIntPropertyNonIntValueErrorr.rA�sumrLr?r+rMrVrSrNrO�extendZ%MixedDifferentialNonDifferentialError)�rhsrW�valuesZ
operations�valueZunglobr)rUrXrWr�	parse_rhsrs<


  rc�	DirectiverWr-�	operationrbcs�|j�sgStjj|�|jd�\}}|j�|j�}}tjj||�d|krZ|jdd�n|tf\����fdd�t|��D�S)ae
    Parses configuration lines into tuples of directives.
    For more examples, refer to tests/unit/test_parsing.py
    >>> parse_line('cipher@TLS = RC4* NULL')
    [Directive(prop_name='cipher', scope='tls',
               operation=<Operation.RESET: 1>, value=None),
     Directive(prop_name='cipher', scope='tls',
               operation=<Operation.APPEND: 3>, value='RC4-40'),
     Directive(prop_name='cipher', scope='tls',
               operation=<Operation.APPEND: 3>, value='RC4-128'),
     Directive(prop_name='cipher', scope='tls',
               operation=<Operation.APPEND: 3>, value='NULL')]
    �=�@rcs$g|]\}}t��j�||d��qS))rWr-rerb)rdr))rrerb)rWr-rrr8�szparse_line.<locals>.<listcomp>)�striprr]Zcount_equals_signsr.Z	empty_lhsr>rc)�lineZlhsr`r)rWr-r�
parse_line�s rjFcCs^y$t|�}x|D]}t|j�qWWn4tjk
rX}z|s>�tj|�WYdd}~XnXdS)N)rjr$r-rZPolicySyntaxError�warnings�warn)rirl�l�d�exrrr�syntax_check_line�s
rpcseZdZ�fdd�Z�ZS)�PolicySyntaxDeprecationWarningcs@|jdd�}d|�d�}|d|�d�7}|d7}t�j|�dS)N�
z and zoption z is deprecatedz", please rewrite your rules using z; z2be advised that it is not always a 1-1 replacement)�replace�superr3)r1Z
deprecatedZreplacement�msg)�	__class__rrr3�s
z'PolicySyntaxDeprecationWarning.__init__)rCrDrEr3�
__classcell__rr)rvrrq�srqcCs�tjdd|�}|jdd�}djdd�|jd�D��}|jdd�}djd	d�|jd�D��}djd
d�|jd�D��}tjdd|�j�}tjd|�r�tjt	d
d��ddddd�}xr|j
�D]f\}}d|d}tj||�}|r�tjt	||��tj|d|�}x"|D]}|d|�d|��7}�qWq�Wtjdd|�j�}ddd�}xN|j
�D]B\}}d|d}tj||��r|tjt	||��tj|||�}�qJWtt
jddd%��}xZ|�r�djdd�|dd&�D��}	tjd|d'd|	�r�d |	��nd|�}|j��q�Wtjd!d|�}tt
jddd(��}
xZ|
�r|djd"d�|
dd)�D��}	tjd#|
d*d|	�rhd |	��nd|�}|
j��q$Wtjd$d|�}|S)+a
    Preprocesses text before parsing.
    Fixes line breaks, handles backwards compatibility.
    >>> preprocess_text('cipher = c1 \\ \nc2#x')
    'cipher = c1 c2'
    >>> with warnings.catch_warnings():
    ...     warnings.simplefilter("ignore")
    ...     preprocess_text('ike_protocol = IKEv2')
    'protocol@IKE = IKEv2'
    >>> with warnings.catch_warnings():
    ...     warnings.simplefilter("ignore")
    ...     preprocess_text('min_tls_version=TLS1.3')
    'protocol@TLS = -SSL2.0 -SSL3.0 -TLS1.0 -TLS1.1 -TLS1.2'
    z#.*�rfz = rrcss|]}|j�VqdS)N)rh)rrmrrrr9�sz"preprocess_text.<locals>.<genexpr>z\
css|]}|j�VqdS)N)rh)rrmrrrr9�scss|]}tjdd|�VqdS)z\s+� N)�re�sub)rrmrrrr9�sz
+z\bprotocol\s*=�protocolzprotocol@TLSz
cipher@TLSz
cipher@SSHz	group@SSHzprotocol@IKE)Z
tls_cipherZ
ssh_cipherZ	ssh_groupZike_protocolz\bz\s*=(.*)z

z =z7hash@DNSSec = -SHA1
sign@DNSSec = -RSA-SHA1 -ECDSA-SHA1z7hash@DNSSec = SHA1+
sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+)zsha1_in_dnssec = 0zsha1_in_dnssec = 1Nrrycss|]}d|VqdS)rRNr)rrTrrrr9sz\bmin_dtls_version = zprotocol@TLS = z\bmin_dtls_version = 0\bcss|]}d|VqdS)rRNr)rrTrrrr9$sz\bmin_tls_version = z\bmin_tls_version = 0\br(r(r(r(r(r()rzr{rs�joinr.rh�findallrkrlrq�items�search�listrZDTLS_PROTOCOLS�popZ
TLS_PROTOCOLS)�textZPOSTFIX_REPLACEMENTS�frZtoZregexZms�mZPLAIN_REPLACEMENTSZ
dtls_versions�negZtls_versionsrrr�preprocess_text�sZ
r�c@sJeZdZdZd
dd�Zedd��Zedd��Zed	d
��Zedd��Z	dS)�ScopedPolicya�
    An entity constructing lists of what's `.enabled` and what's `.disabled`
    when the given scopes are active.
    >>> sp = ScopedPolicy(parse_line('cipher@TLS = RC4* NULL'), {'tls'})
    >>> 'AES-256-GCM' in sp.disabled['cipher']
    True
    >>> sp.enabled['cipher']
    ['RC4-40', 'RC4-128', 'NULL']
    >>> ScopedPolicy(parse_line('min_dh_size=2048')).integers['min_dh_size']
    2048
    NcsX|pt�}tj��_dd�tjD��_x�|D]�t�j�}|j	|�r,�j
tjkr^g�j�j
<q,�j
tjkr��j�j
}�j|kr�|j�j�q,�j
tjkr̈j�j
}�j|kr�|j�j�|jd�j�q,�j
tjkr��fdd��j�j
D��j�j
<q,�j
tjk�st��j�j�j
<q,Wt�j�tt�j��k�s>t��fdd�tjD��_dS)NcSsi|]
}g|�qSrr)rrWrrrr	>sz)ScopedPolicy.__init__.<locals>.<dictcomp>rcsg|]}|�jkr|�qSr)rb)r�e)�	directiverrr8Rsz)ScopedPolicy.__init__.<locals>.<listcomp>cs(i|] ���fdd�tj�D���qS)csg|]}|�j�kr|�qSr)�enabled)rr�)rWr1rrr8Zsz4ScopedPolicy.__init__.<locals>.<dictcomp>.<listcomp>)rrZ)r)r1)rWrr	Zs)�setr[�copy�integersrrZr�r$r-rBrerFrLrWrNrb�appendrM�remove�insertrOrPr@�lenZdisabled)r1�
directivesZrelevant_scopesZssr�r)r�r1rr3;s0






$
zScopedPolicy.__init__cCstj|jd�S)Nr|)r�min_tls_versionr�)r1rrrr�^szScopedPolicy.min_tls_versioncCstj|jd�S)Nr|)r�max_tls_versionr�)r1rrrr�bszScopedPolicy.max_tls_versioncCstj|jd�S)Nr|)r�min_dtls_versionr�)r1rrrr�fszScopedPolicy.min_dtls_versioncCstj|jd�S)Nr|)r�max_dtls_versionr�)r1rrrr�jszScopedPolicy.max_dtls_version)N)
rCrDrErKr3�propertyr�r�r�r�rrrrr�/s
#r�cCs@x,|D]$}tjj||�}tj|tj�r|SqWtj|||��dS)N)�os�pathr}�access�R_OKrZPolicyFileNotFoundError)�
policyname�fname�pathsrnr2rrr�lookup_fileqs

r�c@sFeZdZdZdZdd�dd�Zdd�Zdd	d
�Zddd
�Zdd�Z	dS)�UnscopedCryptoPolicyz/etc/crypto-policiesz/usr/share/crypto-policiesN)�	policydircGsR||_dj|f|�|_g|_|j|�}x|D]}||j|dd�7}q.W||_dS)N�:T)�	subpolicy)r�r}r��lines�read_policy_file�_directives)r1Zpolicy_namer�Zsubpolicy_namesr�Zsubpolicy_namerrrr3�s

zUnscopedCryptoPolicy.__init__cCs|jS)N)r�)r1rrr�is_empty�szUnscopedCryptoPolicy.is_emptycCst|j|pi�S)N)r�r�)r1r=rrr�scoped�szUnscopedCryptoPolicy.scopedFc	Cs�|jpd}|rtjj|d�}t|||s*dndtjj|tjj|j|�tjj|j|�f�}t|��}|j	�}WdQRXt
|�}|jd�}x|D]}t|dd�q�Wx|D]}t|�q�Wt
dd	�|D�g�S)
NZpolicies�modulesz.polz.pmodrrT)rlcSsg|]}t|��qSr)rj)rrmrrrr8�sz9UnscopedCryptoPolicy.read_policy_file.<locals>.<listcomp>)r�r�r�r}r��curdir�
CONFIG_DIR�	SHARE_DIR�open�readr�r.rpr^)	r1�namer�Zpdirr2�fr�r�rmrrrr��s$




z%UnscopedCryptoPolicy.read_policy_filecCsdd�}|j�}d|j�d�}|d7}|d7}|d7}|d7}|d7}|j|j�}x"|j�D]\}}||||�7}q\Wd	}xvtj�D]j\}}	|j|	d
�}
|
j|
j�}xH|j�D]<\}}|||kr�|s�|d7}d}|||�d
|��|�7}q�Wq�W|�s|d7}|S)NcSs2t|t�rdj|�nt|�}|�d|��j�dS)Nryz = rr)�
isinstancer�r}�str�rstrip)�keyrbr7rrr�fmt�sz)UnscopedCryptoPolicy.__str__.<locals>.fmtz	# Policy z dump
z#
z?# Do not parse the contents of this file with automated tools,
z.# it is provided for review convenience only.
z"# Baseline values for all scopes:
F)r=z9# Scope-specific properties derived for select backends:
Trgz&# No scope-specific properties found.
)r�r�r�r�r�DUMPABLE_SCOPES)r1r�Zgeneric_scopedr7Zgeneric_allrWrbZanything_scope_specificZ
scope_nameZ	scope_setZspecific_scopedZspecific_allrrrr6�s2 zUnscopedCryptoPolicy.__str__)N)F)
rCrDrEr�r�r3r�r�r�r6rrrrr�{s

r�)r
rrr
rrr)rrrrrrrrrrrrrrr r!r"r#)rWr-rerb)F)�collections�enumr:r�rzrkrxrrr[r>r0r�r$�EnumrFrc�
namedtuplerdrjrp�
FutureWarningrqr�r�r�r�rrrr�<module>sP3;
	LB

Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists