U g|Y@sddlZddlmZddlmZmZmZmZmZz`ddl m Z ddl m Z m Z ddlmZddlmZddlmZdd lmZmZmZmZd ZWn6ek rdZ d \Z Z ZZZd \ZZZZd ZYnXddlmZddlmZddlm Z ddl!m"Z"ddl#m$Z$erddl%m&Z&eddZ'eddZ(GdddeZ)GdddeZ*GdddeZ+GdddeZ,Gd d!d!eZ-Gd"d#d#e-Z.Gd$d%d%e-Z/dS)&N) b64decode) TYPE_CHECKINGOptionalSequenceTuple no_type_check)default_backend)MGF1OAEP)Cipher)AES)CBC)SHA1SHA256SHA512HashT)NNNNN)NNNNF)TelegramObject)parse_sequence_arg) TextEncoding)JSONDict)PassportDecryptionError)Botc Csts tdtttd}||||}|dd|dd}}tt|t |td}| }|||}tt td}|||} | |krt d| d|||ddS) a Decrypt per telegram docs at https://core.telegram.org/passport. Args: secret (:obj:`str` or :obj:`bytes`): The encryption secret, either as bytes or as a base64 encoded string. hash (:obj:`str` or :obj:`bytes`): The hash, either as bytes or as a base64 encoded string. data (:obj:`str` or :obj:`bytes`): The data to decrypt, either as bytes or as a base64 encoded string. file (:obj:`bool`): Force data to be treated as raw data, instead of trying to b64decode it. Raises: :class:`PassportDecryptionError`: Given hash does not match hash of decrypted data. Returns: :obj:`bytes`: The decrypted data as bytes. cTo use Telegram Passports, PTB must be installed via `pip install "python-telegram-bot[passport]"`.)backendN 0zHashes are not equal! z != r) CRYPTO_INSTALLED RuntimeErrorrrrupdatefinalizer r r decryptorrr) secrethashdatadigestZsecret_hash_hashkeyZ init_vectorcipherr data_hashr(B/tmp/pip-unpacked-wheel-swnnwir2/telegram/_passport/credentials.pydecrypt2s" r*cCstt|||tjS)zPDecrypts data using secret and hash and then decodes utf-8 string and loads json)jsonloadsr*decoderZUTF_8)r!r"r#r(r(r) decrypt_jsoncsr.cs^eZdZdZdZddeeeeedfddZe e dd d Z e d dd d Z Z S)EncryptedCredentialsaDContains data required for decrypting and authenticating EncryptedPassportElement. See the Telegram Passport Documentation for a complete description of the data decryption and authentication processes. Objects of this class are comparable in terms of equality. Two objects of this class are considered equal, if their :attr:`data`, :attr:`hash` and :attr:`secret` are equal. Note: This object is decrypted only when originating from :attr:`telegram.PassportData.decrypted_credentials`. Args: data (:class:`telegram.Credentials` | :obj:`str`): Decrypted data with unique user's nonce, data hashes and secrets used for EncryptedPassportElement decryption and authentication or base64 encrypted data. hash (:obj:`str`): Base64-encoded data hash for data authentication. secret (:obj:`str`): Decrypted or encrypted secret used for decryption. Attributes: data (:class:`telegram.Credentials` | :obj:`str`): Decrypted data with unique user's nonce, data hashes and secrets used for EncryptedPassportElement decryption and authentication or base64 encrypted data. hash (:obj:`str`): Base64-encoded data hash for data authentication. secret (:obj:`str`): Decrypted or encrypted secret used for decryption. )_decrypted_data_decrypted_secretr#r"r!N api_kwargs)r#r"r!r3csJtj|d||_||_||_|j|j|jf|_d|_d|_|dSNr2) super__init__r#r"r!Z _id_attrsr1r0_freeze)selfr#r"r!r3 __class__r(r)r6szEncryptedCredentials.__init__)returnc Cs||jdkrvtstdz2|jt|jtt t dt dd|_Wn,t k rt}zt ||W5d}~XYnX|jS)z :obj:`bytes`: Lazily decrypt and return secret. Raises: telegram.error.PassportDecryptionError: Decryption failed. Usually due to bad private/public key but can also suggest malformed/tampered data. Nr) algorithm)Zmgfr<label) r1rrget_botZ private_keyr*rr!r r r ValueErrorr)r8 exceptionr(r(r)decrypted_secrets    z%EncryptedCredentials.decrypted_secret CredentialscCs8|jdkr2tt|jt|jt|j||_|jS)a~ :class:`telegram.Credentials`: Lazily decrypt and return credentials data. This object also contains the user specified nonce as `decrypted_data.nonce`. Raises: telegram.error.PassportDecryptionError: Decryption failed. Usually due to bad private/public key but can also suggest malformed/tampered data. N) r0rBde_jsonr.rArr"r#r>)r8r(r(r)decrypted_datas z#EncryptedCredentials.decrypted_data)__name__ __module__ __qualname____doc__ __slots__strrrr6propertybytesrArD __classcell__r(r(r9r)r/isr/cs`eZdZdZdZdddeeedfddZe d eeed edd fd d Z Z S)rBz Attributes: secure_data (:class:`telegram.SecureData`): Credentials for encrypted data nonce (:obj:`str`): Bot-specified nonce )nonce secure_dataNr2 SecureData)rOrNr3cs&tj|d||_||_|dSr4)r5r6rOrNr7)r8rOrNr3r9r(r)r6szCredentials.__init__rr#botr;cs:||}|sdStj|d|d|d<tj||dS),See :meth:`telegram.TelegramObject.de_json`.NrOrRr#rR) _parse_datarPrCgetr5clsr#rRr9r(r)rCs  zCredentials.de_json)N) rErFrGrHrIrJrrr6 classmethodrCrMr(r(r9r)rBsrBcseZdZdZdZd ddedededededededededededeed fddZedeeed edd fd d Z Z S)rPa This object represents the credentials that were used to decrypt the encrypted data. All fields are optional and depend on fields that were requested. Args: personal_details (:class:`telegram.SecureValue`, optional): Credentials for encrypted personal details. passport (:class:`telegram.SecureValue`, optional): Credentials for encrypted passport. internal_passport (:class:`telegram.SecureValue`, optional): Credentials for encrypted internal passport. driver_license (:class:`telegram.SecureValue`, optional): Credentials for encrypted driver license. identity_card (:class:`telegram.SecureValue`, optional): Credentials for encrypted ID card address (:class:`telegram.SecureValue`, optional): Credentials for encrypted residential address. utility_bill (:class:`telegram.SecureValue`, optional): Credentials for encrypted utility bill. bank_statement (:class:`telegram.SecureValue`, optional): Credentials for encrypted bank statement. rental_agreement (:class:`telegram.SecureValue`, optional): Credentials for encrypted rental agreement. passport_registration (:class:`telegram.SecureValue`, optional): Credentials for encrypted registration from internal passport. temporary_registration (:class:`telegram.SecureValue`, optional): Credentials for encrypted temporary registration. Attributes: personal_details (:class:`telegram.SecureValue`): Optional. Credentials for encrypted personal details. passport (:class:`telegram.SecureValue`): Optional. Credentials for encrypted passport. internal_passport (:class:`telegram.SecureValue`): Optional. Credentials for encrypted internal passport. driver_license (:class:`telegram.SecureValue`): Optional. Credentials for encrypted driver license. identity_card (:class:`telegram.SecureValue`): Optional. Credentials for encrypted ID card address (:class:`telegram.SecureValue`): Optional. Credentials for encrypted residential address. utility_bill (:class:`telegram.SecureValue`): Optional. Credentials for encrypted utility bill. bank_statement (:class:`telegram.SecureValue`): Optional. Credentials for encrypted bank statement. rental_agreement (:class:`telegram.SecureValue`): Optional. Credentials for encrypted rental agreement. passport_registration (:class:`telegram.SecureValue`): Optional. Credentials for encrypted registration from internal passport. temporary_registration (:class:`telegram.SecureValue`): Optional. Credentials for encrypted temporary registration. ) addressbank_statementdriver_license identity_cardinternal_passportpassportpassport_registrationpersonal_detailsrental_agreementtemporary_registration utility_billNr2 SecureValue) rbr`r_r]r^r[rer\rcrardr3c  s\tj| d| |_| |_| |_||_||_||_||_||_ ||_ ||_ ||_ | dSr4)r5r6rdrarcr\rer[r^r]r_r`rbr7) r8rbr`r_r]r^r[rer\rcrardr3r9r(r)r6:szSecureData.__init__rrQcs*||}|sdStj|d|d|d<tj|d|d|d<tj|d|d|d<tj|d|d|d<tj|d|d|d<tj|d|d|d<tj|d |d|d <tj|d |d|d <tj|d |d|d <tj|d |d|d <tj|d |d|d <tj||dS)rSNrdrTrarcr\rer[r^r]r_r`rbrU)rVrfrCrWr5rXr9r(r)rC[s*   zSecureData.de_json) NNNNNNNNNNN)N) rErFrGrHrIrrr6rZrCrMr(r(r9r)rPsH1!rPc seZdZdZdZdddededededeedeedeedfdd Ze deeed edd fd d Z Z S)rfa? This object represents the credentials that were used to decrypt the encrypted value. All fields are optional and depend on the type of field. Args: data (:class:`telegram.DataCredentials`, optional): Credentials for encrypted Telegram Passport data. Available for "personal_details", "passport", "driver_license", "identity_card", "identity_passport" and "address" types. front_side (:class:`telegram.FileCredentials`, optional): Credentials for encrypted document's front side. Available for "passport", "driver_license", "identity_card" and "internal_passport". reverse_side (:class:`telegram.FileCredentials`, optional): Credentials for encrypted document's reverse side. Available for "driver_license" and "identity_card". selfie (:class:`telegram.FileCredentials`, optional): Credentials for encrypted selfie of the user with a document. Can be available for "passport", "driver_license", "identity_card" and "internal_passport". translation (List[:class:`telegram.FileCredentials`], optional): Credentials for an encrypted translation of the document. Available for "passport", "driver_license", "identity_card", "internal_passport", "utility_bill", "bank_statement", "rental_agreement", "passport_registration" and "temporary_registration". files (List[:class:`telegram.FileCredentials`], optional): Credentials for encrypted files. Available for "utility_bill", "bank_statement", "rental_agreement", "passport_registration" and "temporary_registration" types. Attributes: data (:class:`telegram.DataCredentials`): Optional. Credentials for encrypted Telegram Passport data. Available for "personal_details", "passport", "driver_license", "identity_card", "identity_passport" and "address" types. front_side (:class:`telegram.FileCredentials`): Optional. Credentials for encrypted document's front side. Available for "passport", "driver_license", "identity_card" and "internal_passport". reverse_side (:class:`telegram.FileCredentials`): Optional. Credentials for encrypted document's reverse side. Available for "driver_license" and "identity_card". selfie (:class:`telegram.FileCredentials`): Optional. Credentials for encrypted selfie of the user with a document. Can be available for "passport", "driver_license", "identity_card" and "internal_passport". translation (Tuple[:class:`telegram.FileCredentials`]): Optional. Credentials for an encrypted translation of the document. Available for "passport", "driver_license", "identity_card", "internal_passport", "utility_bill", "bank_statement", "rental_agreement", "passport_registration" and "temporary_registration". .. versionchanged:: 20.0 |tupleclassattrs| files (Tuple[:class:`telegram.FileCredentials`]): Optional. Credentials for encrypted files. Available for "utility_bill", "bank_statement", "rental_agreement", "passport_registration" and "temporary_registration" types. .. versionchanged:: 20.0 * |tupleclassattrs| * |alwaystuple| )r#files front_side reverse_sideselfie translationNr2DataCredentialsFileCredentials)r#rhrirjrgrkr3csFtj|d||_||_||_||_t||_t||_| dSr4) r5r6r#rhrirjrrgrkr7)r8r#rhrirjrgrkr3r9r(r)r6s   zSecureValue.__init__rrQcs||}|sdStj|d|d|d<tj|d|d|d<tj|d|d|d<tj|d|d|d<tj|d|d|d<tj|d|d|d<tj||d S) rSNr#rTrhrirjrgrkrU)rVrlrCrWrmZde_listr5rXr9r(r)rCs zSecureValue.de_json)NNNNNN)N) rErFrGrHrIrrrr6rZrCrMr(r(r9r)rfxs47   rfcs8eZdZdZdZddeeeedfddZZ S)_CredentialsBasez3Base class for DataCredentials and FileCredentials.)r' file_hashr"r!Nr2r"r!r3c sBtj|d|"||_||_|j|_|j|_W5QRXdSr4)r5r6Z _unfrozenr"r!ror')r8r"r!r3r9r(r)r6s  z_CredentialsBase.__init__ rErFrGrHrIrJrrr6rMr(r(r9r)rnsrncs8eZdZdZdZddeeeedfddZZ S)rlal These credentials can be used to decrypt encrypted data from the data field in EncryptedPassportData. Args: data_hash (:obj:`str`): Checksum of encrypted data secret (:obj:`str`): Secret of encrypted data Attributes: hash (:obj:`str`): Checksum of encrypted data secret (:obj:`str`): Secret of encrypted data r(Nr2)r'r!r3cstj|||d|dSNrpr5r6r7)r8r'r!r3r9r(r)r6szDataCredentials.__init__rqr(r(r9r)rls rlcs8eZdZdZdZddeeeedfddZZ S)rma These credentials can be used to decrypt encrypted files from the front_side, reverse_side, selfie and files fields in EncryptedPassportData. Args: file_hash (:obj:`str`): Checksum of encrypted file secret (:obj:`str`): Secret of encrypted file Attributes: hash (:obj:`str`): Checksum of encrypted file secret (:obj:`str`): Secret of encrypted file r(Nr2)ror!r3cstj|||d|dSrrrs)r8ror!r3r9r(r)r6szFileCredentials.__init__rqr(r(r9r)rms rm)0r+base64rtypingrrrrrZcryptography.hazmat.backendsrZ1cryptography.hazmat.primitives.asymmetric.paddingr r Z&cryptography.hazmat.primitives.ciphersr Z1cryptography.hazmat.primitives.ciphers.algorithmsr Z,cryptography.hazmat.primitives.ciphers.modesr Z%cryptography.hazmat.primitives.hashesrrrrr ImportErrorZtelegram._telegramobjectrZtelegram._utils.argumentparsingrZtelegram._utils.stringsrZtelegram._utils.typesrZtelegram.errorrZtelegramrr*r.r/rBrPrfrnrlrmr(r(r(r)sB              0 k&~c