Mh>TUdZddlmZddlZddlZddlZddlZddlm Z ddl m Z ddl m Z m Z ddlmZddlmZ ddlZd Zd Zeje eejd en #e$r dd lmZn #e$rdZYnwxYwYnwxYwdd lmZddlmZmZddlm Z m!Z!m"Z"m#Z#m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)ddl*m+Z+m,Z,ddl-m.Z.m/Z/m0Z0m1Z1ej2Z3de3DZ4GddZ5Gdde5Z6Gdde5e+Z7dZ8dZ9e dZ:Gdde+Z;dd dd!iid"fiZeGd%d eZ?e?j@ZAeBd&kr eAdSdS)'zUtilities for signing notebooks) annotationsN) OrderedDict)contextmanager)datetimetimezone)HMAC)Pathc*|S)z8Adapt datetime.datetime to timezone-naive ISO 8601 date.) isoformatvals M/var/www/html/test/jupyter/venv/lib/python3.11/site-packages/nbformat/sign.pyadapt_datetime_isors}}cNtj|S)z6Convert ISO 8601 datetime to datetime.datetime object.)r fromisoformatdecoder s rconvert_datetimers%cjjll333rr)dbapi2) encodebytes) JupyterApp base_flags) AnyBoolBytesCallableEnumInstanceIntegerUnicodedefaultobserve)LoggingConfigurableMultipleInstanceError) NO_CONVERT __version__readreadsc<g|]}|d|S)shake_) startswith).0as r r/1s) F F FAq||H/E/E Fa F F Frc*eZdZdZdZdZdZdZdS)SignatureStorez!Base class for a signature store.ct)zrImplement in subclass to store a signature. Should not raise if the signature is already stored. NotImplementedErrorselfdigest algorithms rstore_signaturezSignatureStore.store_signature7 "!rct)zImplement in subclass to check if a signature is known. Return True for a known signature, False for unknown. r3r5s rcheck_signaturezSignatureStore.check_signature>r:rct)zoImplement in subclass to delete a signature. Should not raise if the signature is not stored. r3r5s rremove_signaturezSignatureStore.remove_signatureEr:rcdS)zClose any open connections this store may use. If the store maintains any open connections (e.g. to a database), they should be closed. Nr6s rclosezSignatureStore.closeLsrN)__name__ __module__ __qualname____doc__r9r<r>rBr@rrr1r14sV++"""""""""     rr1c4eZdZdZdZdZdZdZdZdZ dS) MemorySignatureStorez/Non-persistent storage of signatures in memory.c,t|_dS)z$Initialize a memory signature store.N)rdatarAs r__init__zMemorySignatureStore.__init__Ys MM rc||f}|j|dd|j|<|dS)zStore a signature.N)rKpop _maybe_cullr6r7r8keys rr9z$MemorySignatureStore.store_signature_sEy! c4    # rct|j|jkrdStt|jdzD]}|jddS)zDIf more than cache_size signatures are stored, delete the oldest 25%NF)last)lenrK cache_sizerangepopitem)r6_s rrOz MemorySignatureStore._maybe_cullhsf ty>>DO + + Fs49~~*++ * *A I  5  ) ) ) ) * *rcH||f}||jvr|j|=d|j|<dSdS)zCheck a signature.NTF)rKrPs rr<z$MemorySignatureStore.check_signatureps7y! $)   #!DIcN4urc@|j||fddS)zRemove a signature.N)rKrNr5s rr>z%MemorySignatureStore.remove_signaturezs# vy)400000rN) rCrDrErFrVrLr9rOr<r>r@rrrHrHTsj99J""" ***11111rrHceZdZdZedddZfdZdZd Z d Z d Z d Z d Z dZxZS)SQLiteSignatureStorez'Store signatures in an SQLite database.rIzThe number of notebook signatures to cache. When the number of signatures exceeds this value, the oldest 25% of signatures will be culled. helpTconfigc |tjdi|||_|||_dS)z!Initialize a sql signature store.Nr@)superrLdb_file _connect_dbdb)r6rdkwargs __class__s rrLzSQLiteSignatureStore.__init__s@""6""" ""7++rcJ|j|jdSdS)z Close the db.N)rfrBrAs rrBzSQLiteSignatureStore.closes% 7  GMMOOOOO  rcdtjtjzi}d} tj|fi|}||n/#tjtjf$r|dkr|dz}|||j d| t| |tj|fi|}||n#tjtjtf$r`|||j dd|_ tjdi|}||YnwxYwYnwxYw|S)N detect_types:memory:z.bakzThe signatures database cannot be opened; maybe it is corrupted or encrypted. You may need to rerun your notebooks to ensure that they are trusted to run Javascript. The old signatures database has been renamed to %s and a new one has been created.zFailed committing signatures database to disk. You may need to move the database file to a non-networked file system, using config option `NotebookNotary.db_file`. Using in-memory signatures database for the remainder of this session.)rl)sqlite3PARSE_DECLTYPESPARSE_COLNAMESconnectinit_db DatabaseErrorOperationalErrorrBlogwarningr renameOSErrorrd)r6rdrgrfold_db_locations rrez SQLiteSignatureStore._connect_dbs G3g6LL$ ! 33F33B LL    %w'?@   *$$")F"2>HHJJJ  m$ %MM((999 ;;F;;BLL$$$$-w/GQ % % %~ H$$a $.DL >>v>>BLL$$$$$ %= > s8'AAE4"A C,+E4,A>E-*E4,E--E43E4c|d|d|dS)zInitialize the db.a CREATE TABLE IF NOT EXISTS nbsignatures ( id integer PRIMARY KEY AUTOINCREMENT, algorithm text, signature text, path text, last_seen timestamp )zb CREATE INDEX IF NOT EXISTS algosig ON nbsignatures(algorithm, signature) N)executecommit)r6rfs rrqzSQLiteSignatureStore.init_dbsM        rc|jdS|||s<|jd||tjt jfn;|jdtjt j||f|j|jd\}||j kr| dSdS)zStore a signature in the db.Nz} INSERT INTO nbsignatures (algorithm, signature, last_seen) VALUES (?, ?, ?) tzz}UPDATE nbsignatures SET last_seen = ? WHERE algorithm = ? AND signature = ?; z!SELECT Count(*) FROM nbsignatures) rfr<rzrnowrutcr{fetchonerVcull_db)r6r7r8ns rr9z$SQLiteSignatureStore.store_signatures 7? F##FI66  GOOFHLHL$A$A$AB      GOO... 6B     wBCCLLNN t   LLNNNNN  rc&|jdS|jd||f}|dS|jdtjt j||f|jdS)z!Check a signature against the db.NFzgSELECT id FROM nbsignatures WHERE algorithm = ? AND signature = ?; zqUPDATE nbsignatures SET last_seen = ? WHERE algorithm = ? AND signature = ?; r}T)rfrzrrrrrr{)r6r7r8rs rr<z$SQLiteSignatureStore.check_signatures 7?5 GOO     (**  95  \X\ * * *Iv >     trcr|jd||f|jdS)zRemove a signature from the db.zlDELETE FROM nbsignatures WHERE algorithm = ? AND signature = ?; N)rfrzr{r5s rr>z%SQLiteSignatureStore.remove_signaturesC        rc |jdttd|jzdfdS)zHCull oldest 25% of the trusted signatures when the size limit is reachedzDELETE FROM nbsignatures WHERE id IN ( SELECT id FROM nbsignatures ORDER BY last_seen DESC LIMIT -1 OFFSET ? ); g?r%N)rfrzmaxintrVrAs rrzSQLiteSignatureStore.cull_dbsJ  TDO+,,a 0 0 2      r)rCrDrErFrtagrVrLrBrerqr9r<r>r __classcell__rhs@rr]r]s11    cc ,,,,,  '''R(6.          rr]c#Kt|tr^t|D]L}||}t|tsJ|Vt |Ed{VMdSt|t tfr|D]}t |Ed{VdSt|tr|dVdSt|dVdS)zYield every item in a container as bytes Allows any JSONable object to be passed to an HMAC digester without having to serialize the whole thing. Nutf8) isinstancedictsortedstrencodeyield_everythinglisttuple)objrQvalueelements rrrs7 #t &#;; / /CHEc3'' ' ' '**,,   '.. . . . . . . . .  / / C$ ' '& 1 1G'00 0 0 0 0 0 0 0 0 1 1 C  &jj       #hhoof%%%%%%%rc#K|jdkr|dD]}|ddkr|VdS|jdkr&|dD]}|dD]}|ddkr|VdSdS)zSIterator that yields all cells in a notebook nbformat version independent rScells cell_typecode worksheetsN)nbformat)nbcellwss ryield_code_cellsr1s  {awK  DK F**      \"  B7    $..JJJ     rc#K|ddd} dV| ||dd<dSdS#| ||dd<wxYw)zContext manager for operating on a notebook with its signature removed Used for excluding the previous signature when computing a notebook's signature. metadata signatureN)rN)rsave_signatures rsignature_removedrAsq  ^'' T::N9   %*8BzN; ' ' ' & %> %*8BzN; ' 8 8 8 8s 5AceZdZdZeddZeddZe ddZ ed d Z ed dZ ed d Z eedddZeddZeZeddZeddZeddZeddZeddZfdZdZdZdZdZd Z d!Z!d"Z"d#Z#xZ$S)$NotebookNotaryz8A class for computing and verifying notebook signatures.z5The storage directory for notary secret and database.r^Tr`data_dircd} tjrtj}n#t$rYnwxYw|$t}|g|jS)N)argv)r initializedinstancer$ initializer)r6apps r_data_dir_defaultz NotebookNotary._data_dir_defaultVsv %'' , )++$    D  ;,,C NNN # # #|s &+ 88zoA callable returning the storage backend for notebook signatures. The default uses an SQLite database. store_factorycfd}|S)Nct(jdtSt jS)Nz1Missing SQLite3, all notebooks will be untrusted!)rmrtrurHr]rdrAsrfactoryz6NotebookNotary._store_factory_default..factoryksC  G,---' 55 5rr@)r6rs` r_store_factory_defaultz%NotebookNotary._store_factory_defaultis# 6 6 6 6 6rzThe sqlite file in which to store notebook signatures. By default, this will be in your Jupyter data directory. You can set it to ':memory:' to disable sqlite writing to the filesystem. rdc\|jsdStt|jdz S)Nrlznbsignatures.dbrrr rAs r_db_file_defaultzNotebookNotary._db_file_default|s/} :4 &&)::;;;rsha256z-The hashing algorithm used to sign notebooks.) default_valuer_r8cFtt|d|_dS)Nnew)getattrhashlib digestmod)r6changes r_algorithm_changedz!NotebookNotary._algorithm_changeds &-88rrc6tt|jS)N)rrr8rAs r_digestmod_defaultz!NotebookNotary._digestmod_defaultsw///rz(The file where the secret key is stored. secret_filec\|jsdStt|jdz S)Nnotebook_secretrrAs r_secret_file_defaultz#NotebookNotary._secret_file_defaults/} 24 &&)::;;;rz/The secret key with which notebooks are signed.secretcht|jrUt|jd5}|cdddS#1swxYwYdSt t jd}|||S)Nrb) r rexistsopenr(rosurandom_write_secret_file)r6frs r_secret_defaultzNotebookNotary._secret_defaults  ! ! ( ( * * d&'',,T22 avvxx                  !D!1!122F  # #F + + +MsA//A36A3c ltjdi|||_dS)zInitialize the notary.Nr@)rcrLrstore)r6rgrhs rrLzNotebookNotary.__init__s7""6"""'')) rc|jd|jt|jd5}||dddn #1swxYwY t|jdn0#t$r#|jd|jYnwxYw|S)z!write my secret to my secret_filez"Writing notebook-signing key to %swbNizCould not set permissions on %s) rtinforr rwritechmodrwru)r6rrs rrz!NotebookNotary._write_secret_files   :D@P Q Q Q Q Q R s$A**A.1A.6'B*C  C ct|j|j}t|5t |D]}|| dddn #1swxYwY|S)zpCompute a notebook's signature by hashing the entire contents of the notebook via HMAC digest. )rN)rrrrrupdate hexdigest)r6rhmacbs rcompute_signaturez NotebookNotary.compute_signatures DK4>::: r " "  %b))   A                 ~~s(A  A$'A$c|jdkrdS||}|j||jS)aMCheck a notebook's stored signature If a signature is stored in the notebook's metadata, a new signature is computed and compared with the stored value. Returns True if the signature is found and matches, False otherwise. The following conditions must all be met for a notebook to be trusted: - a signature is stored in the form 'scheme:hexdigest' - the stored scheme matches the requested scheme - the requested scheme is available from hashlib - the computed hash from notebook_signature matches the stored hash rF)rrrr<r8r6rrs rr<zNotebookNotary.check_signaturesA ;??5**2.. z)))T^DDDrc|jdkrdS||}|j||jdS)zSign a notebook, indicating that its output is trusted on this machine Stores hash algorithm and hmac digest in a local database of trusted notebooks. rN)rrrr9r8rs rsignzNotebookNotary.signsG ;?? F**2..  ""9dn=====rcp||}|j||jdS)zvEnsure that a notebook is untrusted by removing its signature from the trusted database, if present. N)rrr>r8rs runsignzNotebookNotary.unsigns7 **2..  ##It~>>>>>rcZ|jdkrdSt|D] }||dd<dS)aJMark cells as trusted if the notebook's signature can be verified Sets ``cell.metadata.trusted = True | False`` on all code cells, depending on the *trusted* parameter. This will typically be the return value from ``self.check_signature(nb)``. This function is the inverse of check_cells rNrtrusted)rrr6rrrs r mark_cellszNotebookNotary.mark_cellssG ;?? F$R(( 2 2D*1D Y ' ' 2 2rc|dddrdS|dkr ddg}hd}nd dg}hd }|d D]5}|d }||vr't|}||rdS6dS) aDo we trust an individual cell? Return True if: - cell is explicitly trusted - cell has no potentially unsafe rich output If a cell has no output, or only simple print statements, it will always be trusted. rrFTrSexecute_result display_data>r output_typeexecution_countpyout>rr prompt_numberoutputsr)rNset difference)r6rnbformat_versionunsafe_output_types safe_keysoutputr output_keyss r _check_cellzNotebookNotary._check_cells     5 1 1 4 q #3^"D FFFII#*N"; DDDI9o ! !F /K111!&kk )))44! 55trc|jdkrdSd}t|D]}|||jsd} |S)aReturn whether all code cells are trusted. A cell is trusted if the 'trusted' field in its metadata is truthy, or if it has no potentially unsafe outputs. If there are no code cells, return True. This function is the inverse of mark_cells. rFT)rrrrs r check_cellszNotebookNotary.check_cellssU ;??5$R((  D##D"+66 r)%rCrDrErFr rrr!rrrrrdrr algorithmsr8r"rrrrrrrrrrLrrr<rrrrrrrs@rrrOsBBwWXXX\\]H WZ   H1 cc  W_   g   cc   WY<<<  @ cc   W[999I W[000'MNNNRRZ^R__K W]<<< UM N N N R RZ^ R _ _F WX*****       EEE&>>>??? 2 2 2BrrresetTrustNotebookAppTzjDelete the trusted notebook cache. All previously signed notebooks will become untrusted. zdict[str, t.Any] trust_flagsceZdZdZeZdZeddZdZ e Z e dd d ZeeZed d Zd ZddZdZdZdS)rz+An application for handling notebook trust.zSign one or more Jupyter notebooks with your key, to trust their dynamic (HTML, Javascript) output. Otherwise, you will have to re-execute the notebook to see output. config_file_namecdS)Njupyter_notebook_configr@rAs r_config_file_name_defaultz*TrustNotebookApp._config_file_name_defaultDs((rz; jupyter trust mynotebook.ipynb and_this_one.ipynb FzIf True, delete the trusted signature cache. After reset, all previously signed notebooks will become untrusted. r^Tr`notaryc.t||jS)N)parentr)rrrAs r_notary_defaultz TrustNotebookApp._notary_defaultWsTDMBBBBrctt|s0|jd||dt|d5}t |t}dddn #1swxYwY|||dS)z#Sign a notebook from the filesystemzNotebook missing: %sr%r)encodingN) r rrterrorexitrr(r& sign_notebook)r6 notebook_pathrrs rsign_notebook_filez#TrustNotebookApp.sign_notebook_file[sM""))++  HNN1= A A A IIaLLL - % %v % 6 6 %!a$$B % % % % % % % % % % % % % % % 2}-----s5BBBc|j|rtd|zdStd|z|j|dS)z"Sign a notebook that's been loadedzNotebook already signed: %szSigning notebook: %sN)r r<printr)r6rrs rrzTrustNotebookApp.sign_notebookdsd ; & &r * * ! /-? @ @ @ @ @ (=8 9 9 9 K  R rctd|jjz|jt jddS)z%Generate a new notebook signature keyzGenerating new notebook key: %srN)rr rrrrrAs rgenerate_new_keyz!TrustNotebookApp.generate_new_keylsA /$+2IIJJJ &&rz$'7'788888rch|jrt|jjrGt d|jjzt|jj|dS|js||j dtj }t|tsJt!|t"}||ddS|jD]}||dS)zStart the trust notebook app.z$Removing trusted signature cache: %sNzReading notebook from stdinr)rr r rdrrunlinkr extra_argsrtdebugsysstdinr(rrr)r&rr)r6nb_srrs rstartzTrustNotebookApp.startqs : DK'((//11 3>##DdC(( ( ( (tZ((B   r9 - - - - -!% 7 7 '' 6666 7 7rN)r)rCrDrErFr'version descriptionr!rexamplesrflagsrrrrrr r rrrr r@rrrr9s55GK W   ))! )H E D       cc  Xn % %F WXCCC...!!!!999 77777r__main__)CrF __future__rrrrtypingt collectionsr contextlibrrrrrpathlibr rmrrregister_adapterregister_converter ImportError pysqlite2rbase64rjupyter_core.applicationrr traitletsrrrrrrrr r!r"traitlets.configr#r$rr&r'r(r)algorithms_guaranteedalgorithms_setrr1rHr]rrrrr__annotations__rrlaunch_instancemainrCr@rrr9s%%%#""""" ######%%%%%%''''''''NNN444GX'9:::Gz+;<<<<///////  ;;;;;;;;ddddddddddddddddddddddddGGGGGGGG222222222222.G F F F F         @(1(1(1(1(1>(1(1(1VZ Z Z Z Z >+>Z Z Z z&&&*     9 9 9\\\\\(\\\@ gt_- !  :H7H7H7H7H7zH7H7H7V' zDFFFFFs5,A((B.A54B5A?<B>A??BB