U
    g                     @   s`   d dl T d dlmZmZmZmZ d dlmZmZm	Z	 ddgZ
ddde dfddZd	ddZdS )
    )*)DerNullDerSequenceDerObjectIdDerOctetString)PBES1PBES2	PbesErrorwrapunwrapNc           
      C   s   |dkrt t|g}nt t||g}t d|t| g}| }	|dkrN|	S |sZtdt|}|dkrnd}t|	||||S )a6  Wrap a private key into a PKCS#8 blob (clear or encrypted).

    Args:

      private_key (bytes):
        The private key encoded in binary form. The actual encoding is
        algorithm specific. In most cases, it is DER.

      key_oid (string):
        The object identifier (OID) of the private key to wrap.
        It is a dotted string, like ``'1.2.840.113549.1.1.1'`` (for RSA keys)
        or ``'1.2.840.10045.2.1'`` (for ECC keys).

    Keyword Args:

      passphrase (bytes or string):
        The secret passphrase from which the wrapping key is derived.
        Set it only if encryption is required.

      protection (string):
        The identifier of the algorithm to use for securely wrapping the key.
        Refer to :ref:`the encryption parameters<enc_params>` .
        The default value is ``'PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC'``.

      prot_params (dictionary):
        Parameters for the key derivation function (KDF).
        Refer to :ref:`the encryption parameters<enc_params>` .

      key_params (DER object or None):
        The ``parameters`` field to use in the ``AlgorithmIdentifier``
        SEQUENCE. If ``None``, no ``parameters`` field will be added.
        By default, the ASN.1 type ``NULL`` is used.

      randfunc (callable):
        Random number generation function; it should accept a single integer
        N and return a string of random data, N bytes long.
        If not specified, a new RNG will be instantiated
        from :mod:`Cryptodome.Random`.

    Returns:
      bytes: The PKCS#8-wrapped private key (possibly encrypted).
    Nr   zEmpty passphrasez"PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC)r   r   r   encode
ValueErrortobytesr   Zencrypt)
private_keyZkey_oid
passphraseZ
protectionZprot_paramsZ
key_paramsZrandfunc	algorithmpk_infoZpk_info_der r   7/tmp/pip-unpacked-wheel-_q8s9isk/Cryptodome/IO/PKCS8.pyr
   2   s*    5  c           
   
   C   s  |dk	rt |}d}zt| |} d}W nD tk
rV } zdt| }W 5 d}~X Y n tk
rl   d}Y nX |szt| |} d}W nL tk
r } z|dt| 7 }W 5 d}~X Y n tk
r   |d7 }Y nX |std| t j| d	d
}t	|dkr|std|d dkr6t	|dkrdtdn.|d dkr\t	|dkrdtdntdt j|d dd
}t
 |d j}t	|dkrd}n.zt |d  d}W n   |d }Y nX t |d j}	||	|fS )aN  Unwrap a private key from a PKCS#8 blob (clear or encrypted).

    Args:
      p8_private_key (bytes):
        The private key wrapped into a PKCS#8 container, DER encoded.

    Keyword Args:
      passphrase (byte string or string):
        The passphrase to use to decrypt the blob (if it is encrypted).

    Return:
      A tuple containing

       #. the algorithm identifier of the wrapped key (OID, dotted string)
       #. the private key (bytes, DER encoded)
       #. the associated parameters (bytes, DER encoded) or ``None``

    Raises:
      ValueError : if decoding fails
    NFTz	PBES1[%s]zPBES1[Invalid]z
,PBES2[%s]z,PBES2[Invalid]zError decoding PKCS#8 (%s))            )Znr_elementsr   z;Not a valid clear PKCS#8 structure (maybe it is encrypted?)r   )r   r   z#Not a valid PrivateKeyInfo SEQUENCE   )r   r   r   )r   r   )r   r   Zdecryptr	   strr   r   r   decodelenr   valuer   r   payload)
Zp8_private_keyr   foundeZ	error_strr   algoZalgo_oidZalgo_paramsr   r   r   r   r      sR    
 

)N)ZCryptodome.Util.py3compatZCryptodome.Util.asn1r   r   r   r   ZCryptodome.IO._PBESr   r   r	   __all__r
   r   r   r   r   r   <module>#   s     
O