o im @sfddlZddlmZddlmZddlmZmZddlm Z ddl m Z ddl m Z Gdd d ZdS) N)Optional)x509)hashes serialization)padding) RSAPrivateKey)default_backendc@steZdZdZddedeeddfddZedefdd Z edefd d Z d edefd dZ d edefddZ dS)AadClientCertificateaWraps 'cryptography' to provide the crypto operations AadClient requires for certificate authentication. :param bytes pem_bytes: bytes of a a PEM-encoded certificate including the (RSA) private key :param bytes password: (optional) the certificate's password N pem_bytespasswordreturncCs|tj||td}t|tstd||_t|t}| t }| t }t |d|_t |d|_dS)N)r backendzNThe certificate must have an RSA private key because RS256 is used for signingzutf-8)rZload_pem_private_keyr isinstancer ValueError _private_keyrZload_pem_x509_certificate fingerprintrSHA1SHA256base64urlsafe_b64encodedecode _thumbprint_sha256_thumbprint)selfr r Z private_keycertrZsha256_fingerprintre/home/app/Keep/.python/lib/python3.10/site-packages/azure/identity/_internal/aadclient_certificate.py__init__s zAadClientCertificate.__init__cC|jS)z^The certificate's SHA1 thumbprint as a base64url-encoded string. :rtype: str )rrrrr thumbprint!zAadClientCertificate.thumbprintcCr)z`The certificate's SHA256 thumbprint as a base64url-encoded string. :rtype: str )rrrrrsha256_thumbprint)r!z&AadClientCertificate.sha256_thumbprint plaintextcCs|j|ttS)zSign bytes using RS256. :param bytes plaintext: Bytes to sign. :return: The signature. :rtype: bytes )rsignrZPKCS1v15rr)rr#rrr sign_rs2561szAadClientCertificate.sign_rs256cCs*t}|j|tjt||jd|S)zSign bytes using PS256. :param bytes plaintext: Bytes to sign. :return: The signature. :rtype: bytes )ZmgfZ salt_length)rrrr$rZPSSZMGF1 digest_size)rr#Zhash_algrrr sign_ps256<s zAadClientCertificate.sign_ps256)N) __name__ __module__ __qualname____doc__bytesrrpropertystrr r"r%r'rrrrr s  r )rtypingrZ cryptographyrZcryptography.hazmat.primitivesrrZ)cryptography.hazmat.primitives.asymmetricrZ-cryptography.hazmat.primitives.asymmetric.rsarZcryptography.hazmat.backendsrr rrrrs