dddlZddlZddlZddlZddlZddlmZmZddl m Z ddl m cm Z ddlm cmcmZdZGddeZy)N)ustr bytebuffer) CryptErrorz6{0} cms -decrypt -inform DER -inkey {1} -in /dev/stdincNeZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z y ) CryptUtilc||_y)N) openssl_cmd)selfr s H/usr/lib/python3/dist-packages/azurelinuxagent/common/utils/cryptutil.py__init__zCryptUtil.__init__%s &c|jddddddddd d |d |g} tj|y #tj$rG}d j |||j |j }tj|Yd }~y d }~wwxYw)zV Create ssl certificate for https communication with endpoint server. reqz-x509-nodesz-subjz/CN=LinuxTransportz-days730z-newkeyzrsa:2048z-keyout-outzFFailed to create {0} and {1} certificates. [stdout] {2} [stderr] {3} N) r shellutil run_command CommandErrorformatstdoutstderrloggererror)r prv_filecrt_filecmdcmd_errmsgs r gen_transport_certzCryptUtil.gen_transport_cert(s7DX UIz9hPXZ   ! !# &%% `(GNNGNNK  LL   s2B =BB ctjj|sttj d||j dd|dg}tj|d}|S)NFile not foundrsa-inz-puboutT log_error ospathexistsIOErrorerrnoENOENTr rrr file_namerpubs r get_pubkey_from_prvzCryptUtil.get_pubkey_from_prv5sSww~~i(%,,(8)D D##UE9iHC''tIzssh-rsasssh-rsasssh-rsa  zutf-8)encodingzFailed to load pyasn1.codec.der)r< startswithjoinpyasn1.codec.derrVbase64 b64decodedecode bits_to_bytes bytearrayextendstructpacklen num_to_bytes b64encoderr ImportErrorr) r pubkeylinesxbase64_encoded der_decoder der_encodedkeynekeydatakeydata_base64s r asn1_to_sshzCryptUtil.asn1_to_sshes T"!>qf)=>> @ ? **>:K%,,[9!? ? @s#G,G,F&G11 H : HH cvt}|r|j|dz|dz}|r|j|S)z; Pack number into bytes. Retun as string. )raappendreverse)r numresults r rfzCryptUtil.num_to_bytess= MM#* % AIC  r cd}t}d}|D]*}|||zz}|dz }|dk(s|j|d}d},t|S)zG Convert an array contains bits, [0,1] to a byte array rr8)rarxbytes)r bitsindex byte_arraycurrbits r r`zCryptUtil.bits_to_bytessg[  C3%<(DAIE{!!$'  Z  r c tj|}tj|j|j d}t j||tjdd}|jdS#t j$r1}tj|jd|jd}~wt$r}t!d|d}~wwxYw)N F)inputr encode_input encode_outputzutf-16zopenssl cms -decrypt)outputzError decoding secret)r]r^DECRYPT_SECRET_CMDrr r<rr subprocessSTDOUTr_rCalledProcessErrorrEr Exceptionr)r encrypted_password private_keydecodedargsrrJrqs r decrypt_secretzCryptUtil.decrypt_secrets 9&&'9:G%,,T-=-={KQQRUVD**4wzGXGXgl}BCF==* *%% // 0H0HJ`ivi}i}~ ~ 94a8 8 9s$A> C CCN)__name__ __module__ __qualname__r r r1r5r@rKrSrtrfr`rr r rr$s;'  d@4 ! 9r r)r]r,rcos.pathr(razurelinuxagent.common.futurerr azurelinuxagent.common.exceptionrazurelinuxagent.common.loggercommonr&azurelinuxagent.common.utils.shellutilutilsrrobjectrrr r rs?( :7..::N99r