ó Òbc@@sÂddlmZddlZddlZyddlmZWn!ek r_ddlmZnXddlm Z ddl m Z ddl m Z mZmZdd lmZmZmZdd lmZddlZdd lmZmZgZedd „Zejd ƒd„Zejdƒddddd„Zejdƒd„Z ejdƒd„Z!d„Z"d„Z#dddddddd„Z$ejdƒddd„Z%ddd„Z&dS(i(tabsolute_importN(t encodebytes(t encodestringi(tConfig(tdebug(t encode_to_s3tdecode_from_s3ts3_quote(t time_to_epocht deunicodisetcheck_bucket_name_dns_support(t SortedDict(tsha1tsha256cC@sÆ|s dSd}|rdpd}xt|jƒƒD]{}|rS||krSq5n||}|d krŒ|dt|dtƒ|f7}q5|d|t||dtƒf7}q5W|oÅd|dS( sª Format URL parameters from a params dict and returns ?parm1=val1&parm2=val2 or an empty string if there are no parameters. Output of this function should be appended directly to self.resource['uri'] - Set "always_have_equal" to always have the "=" char for a param even when there is no value for it. - Set "limited_keys" list to restrict the param string to keys that are defined in it. tu=s&%s%stunicode_outputs&%s=%st?iN(NR(tsortedtkeystNoneRtTrue(tparamstalways_have_equalt limited_keyst param_strt equal_strtkeytvalue((sI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pytformat_param_str s   #(RcC@s@tjƒj}ttjt|ƒ|tƒjƒƒjƒ}|S(s{Sign a string with the secret key, returning base64 encoded results. By default the configured secret key is used, but may be overridden as an argument. Useful for REST authentication. See http://s3.amazonaws.com/doc/s3-developer-guide/RESTAuthentication.html string_to_sign should be utf-8 "bytes". and returned signature will be utf-8 encoded "bytes". ( Rt secret_keyRthmactnewRR tdigesttstrip(tstring_to_signRt signature((sI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pytsign_string_v2<s -R$tGETt/c C@sØddddddddd d d d d dddddg}|d"krZtdtƒ}ntjƒj}|d}||jddƒd7}||jddƒd7}||jddƒd7}xrt|jƒƒD]^}|jdƒr||d||d7}n|jdƒrÔ||d||d7}qÔqÔWt |dt dtƒ}t |d|ƒ}||7}||7}t dt |ƒƒttt|ƒƒƒ} tt|jƒƒdtƒ} d |d| | d!<| S(#sASign a string with the secret key, returning base64 encoded results. By default the configured secret key is used, but may be overridden as an argument. Useful for REST authentication. See http://s3.amazonaws.com/doc/s3-developer-guide/RESTAuthentication.html string_to_sign should be utf-8 "bytes". taclt lifecycletlocationtloggingt notificationt partNumbertpolicytrequestPaymentttorrenttuploadIdtuploadst versionIdt versioningtversionstwebsitetdeletetcorstrestoret ignore_cases s content-md5Rs content-typetdatesx-amz-t:sx-emc-tquote_backslashesRRs SignHeaders: sAWS t AuthorizationN(RR RRt access_keytgetRRt startswithRtFalseRRtreprRR$Rtlisttitems( tmethodt canonical_uriRt cur_headerstSUBRESOURCES_TO_INCLUDER>R"theadertcanonical_querystringR#t new_headers((sI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pytsign_request_v2Js6      !  RLcC@s%td|jƒd|jƒd|ƒS(sESign a URL in s3://bucket/object form with the given expiry time. The object will be accessible via the signed URL until the AWS key and secret are revoked or the expiry time is reached, even if the object is otherwise private. See: http://s3.amazonaws.com/doc/s3-developer-guide/RESTAuthentication.html tbuckettobjecttexpiry(tsign_url_base_v2RMRN(t url_to_signRO((sI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pyt sign_url_v2}s  RRcK@sÊtjƒj}tjƒj}t|dƒ|dt host_baseRNR<Rthttptprotothttpss#Expiry interpreted as epoch time %ss'GET %(expiry)d /%(bucket)s/%(object)sRsresponse-content-disposition=t&sresponse-content-type=sSigning plaintext: %rtsigsUrlencoded signature: %sRMs/%(proto)s://%(bucket)s.%(host_base)s/%(object)ss/%(proto)s://%(host_base)s/%(bucket)s/%(object)ssC?AWSAccessKeyId=%(access_key)s&Expires=%(expiry)d&Signature=%(sig)ss&response-content-disposition=s&response-content-type=(Rtcontent_dispositiont content_typeRR>RSRRARtsignurl_use_httpsRR$RR t host_bucket(tparmsRYRZtsigntexttparam_separatorturl((sI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pyRPŒs>       "   cC@stj|t|ƒtƒjƒS(N(RRRR R (Rtmsg((sI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pytsign¯scC@sJttd|ƒ|ƒ}t||ƒ}t||ƒ}t|dƒ}|S(s1 Input: unicode params Output: bytes tAWS4t aws4_request(RbR(Rt dateStampt regionNamet serviceNametkDatetkRegiontkServicetkSigning((sI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pytgetSignatureKey²s Rs us-east-1cC@s;d}|dkr$tdtƒ}ntjƒ}|j} |j} tjjƒ} | jdƒ} | jdƒ} t | | ||ƒ}t |dt dtƒ}t |dtƒj dƒ}t|ƒttd ƒƒkrêt|jƒƒ}nttt|ƒƒjƒƒ}i|d 6|d 6| d 6}d }xi|jƒD][}|dks6||jdƒkrcq6n||jƒ||jƒ<|d|jƒ7}q6Wd }x6t|jƒƒD]"\}}||d|d7}q®W|}td|ƒdjt|jdƒƒƒ}|d|d|d|d|d|}td|ƒd}| d|d|dd}|d| d|dttt|ƒƒjƒƒ}ttj|t|ƒtƒjƒƒ}|dd| d|dd|dd|}t|jƒƒ}|ji| d 6|d6|d 6ƒtd|ƒ|S(Nts3R9s%Y%m%dT%H%M%SZs%Y%m%dR<RRRRthostsx-amz-content-sha256s x-amz-dates$host;x-amz-content-sha256;x-amz-dateR=t;R;s ucanonical_headers = %ss,Canonical Request: %s ----------------------sAWS4-HMAC-SHA256R&Rdt s Credential=t,sSignedHeaders=s Signature=ssignature-v4 headers: %s(RR RRR>RtdatetimetutcnowtstrftimeRlRRARtlstripttypeR Rt hexdigestRRtsplitR!RRDRtjoinRRtupdate(RERnRFRtregionRGtbodytservicetcfgR>Rtttamzdatet datestampt signing_keyRJt payload_hashtcanonical_headerstsigned_headersRItcanonical_headers_strtktvtcanonical_requestt algorithmtcredential_scopeR"R#tauthorization_headerRK((sI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pytsign_request_v4½sV      !.6'2 Rc@sóy tƒ}Wntk r,tjƒ}nXtt|ƒdƒ«‰|dkr„x•t‡fd†dƒD]}|j|ƒqjWneˆj|ƒ|}xO|dkrèˆj t d|ƒƒ}|sÈPn|t |ƒ8}|j|ƒqšWWdQX|S(Ntrbc@s ˆjdƒS(Ni (tread((tf(sI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pytsRii ( R t ExceptionRtopenR RtiterRztseekRtmintlen(tfilenametoffsettsizethashtchunkt size_left((RsI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pytchecksum_sha256_fileþs"    cC@sey tƒ}Wntk r,tjƒ}nX|dkrI|j|ƒn|j||||!ƒ|S(N(R R’RRRz(tbufferR™RšR›((sI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pytchecksum_sha256_buffers   ('t __future__RtsysRtbase64RRt ImportErrorRRR*Rt BaseUtilsRRRtUtilsRR R R RrthashlibR R t__all__RARRtappendR$RLRRRPRbRlRRžR (((sI/oak/stanford/groups/akundaje/marinovg/programs/s3cmd-master/S3/Crypto.pyt s<      1   #  >