pg_+ <ddlZddlmZmZmZddlmZmZddlm Z ddl m Z ej rddl mZde jddfd Zd d defd Zdd ZddZd d dede jfdZd d dddedefdZd d dddededdf dZGdde jZGdde jZdS)N)InvalidSignatureUnsupportedAlgorithm_Reasons)_calculate_digest_and_algorithm_evp_pkey_derive) serialization)ec)Backendsignature_algorithmreturncnt|tjstdtjdS)Nz/Unsupported elliptic curve signature algorithm.) isinstancer ECDSArr UNSUPPORTED_PUBLIC_KEY_ALGORITHM)r s I/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/ec.py_check_signature_algorithmrs> )28 4 4 " =  5     backendr c8|j|}|||jjk|j|}||jjkrtd|jjs-|j |dkrtd|j |}|||jjk|j | d}|S)Nz@ECDSA keys with explicit parameters are unsupported at this timerascii) _libEC_KEY_get0_groupopenssl_assert_ffiNULLEC_GROUP_get_curve_name NID_undef ValueErrorCRYPTOGRAPHY_IS_LIBRESSLEC_GROUP_get_asn1_flag OBJ_nid2snstringdecode)rec_keygroupnid curve_namesns r_ec_key_curve_snr)!s  L * *6 2 2E 5GL$55666 , . .u 5 5C gl$$$ N    L 1 L / / 6 6! ; ; N   ((--J :)::;;;   Z ( ( / / 8 8B IrcP|j||jjdS)z Set the named curve flag on the EC_KEY. This causes OpenSSL to serialize EC keys along with their curve OID which makes deserialization easier. N)rEC_KEY_set_asn1_flagOPENSSL_EC_NAMED_CURVE)rec_cdatas r_mark_asn1_named_ec_curver.?s2 L%%',5rcN|j|}|||jjk|j|}|||jjk|j||rtddS)Nz;Cannot load an EC public key where the point is at infinity)rEC_KEY_get0_public_keyrrrrEC_POINT_is_at_infinityr)rr-pointr%s r_check_key_infinityr3Ks L / / 9 9E 5GL$55666 L * *8 4 4E 5GL$55666|++E599  I     rr(c tj|S#t$r.td|t jwxYw)Nz${} is not a supported elliptic curve)r _CURVE_TYPESKeyErrorrformatrUNSUPPORTED_ELLIPTIC_CURVE)rr(s r_sn_to_elliptic_curver9Vs^ r"$$$    " 2 9 9" = =  /    s 8A private_key_EllipticCurvePrivateKeydatac|j|j}||dk|jd|}|jdd}|jd|t||||j}||dk|j|d|dS)Nrzunsigned char[]zunsigned int[]) r ECDSA_size_ec_keyrrnew ECDSA_signlenbuffer)rr:r<max_sizesigbuf siglen_ptrress r_ecdsa_sig_signrI`s|&&{':;;H 8a<((( \  / : :F!!"2A66J , ! ! 4TFJ 0C  C 3!8$$$ <  v & &A 77r public_key_EllipticCurvePublicKey signaturec |jd|t||t||j}|dkr|t dS)Nrr>)r ECDSA_verifyrCr@_consume_errorsr)rrJrLr<rHs r_ecdsa_sig_verifyrPosa , # # 4TIs9~~z7I  C axx!!!xrceZdZddZedejfdZedefdZ dej dej de fd Z dej fd Zdejfd Zd ejd ejdejde fdZde dejde fdZdS)r;rr c||_||_||_t||}t |||_t ||t||dSN_backendr@ _evp_pkeyr)r9_curver.r3selfr ec_key_cdataevp_pkeyr(s r__init__z!_EllipticCurvePrivateKey.__init__~] # ! g| 4 4+GR88 !'<888G\22222rr c|jSrSrWrYs rcurvez_EllipticCurvePrivateKey.curve {rc|jjSrSrakey_sizer`s rrez!_EllipticCurvePrivateKey.key_size z""r algorithmpeer_public_keyc|j||jstdtj|jj|jjkrtdt|j|j |S)Nz1This backend does not support the ECDH algorithm.z2peer_public_key and self are not on the same curve) rU+elliptic_curve_exchange_algorithm_supportedrarrUNSUPPORTED_EXCHANGE_ALGORITHMnamerrrV)rYrgrhs rexchangez!_EllipticCurvePrivateKey.exchanges M E E4:    'C7   % 8 8D   t~OOOrc|jj|j}|j||jjjk|jj|}|j|}|jj |j}|j||jjjk|jj ||}|j|dk|j |}t|j||S)Nr>) rUrrr@rrrr_ec_key_new_by_curve_nidr0EC_KEY_set_public_key_ec_cdata_to_evp_pkeyrK)rYr% curve_nid public_ec_keyr2rHr[s rrJz#_EllipticCurvePrivateKey.public_keys "44T\BB $$Udm.@.E%EFFFM&>>uEE  >>yII  "99$,GG $$Udm.@.E%EFFFm 66}eLL $$SAX...=66}EE&t}mXNNNrc|jj|j}|j|}t j||S)N) private_valuepublic_numbers) rUrEC_KEY_get0_private_keyr@ _bn_to_intr EllipticCurvePrivateNumbersrJrv)rYbnrus rprivate_numbersz(_EllipticCurvePrivateKey.private_numberssg ]  7 7 E E 0044 -'??,,;;==    rencodingr7encryption_algorithmcT|j|||||j|jSrS)rU_private_key_bytesrVr@)rYr|r7r}s r private_bytesz&_EllipticCurvePrivateKey.private_bytess4 }//    N L    rr<r c|t|t||j\}}t|j||SrS)rrrgrIrU)rYr<r _s rsignz_EllipticCurvePrivateKey.signsE ##67771   )  at}dD999rNrr )__name__ __module__ __qualname__r\propertyr EllipticCurveraintreECDHEllipticCurvePublicKeybytesrmrJryr{rEncoding PrivateFormatKeySerializationEncryptionrEllipticCurveSignatureAlgorithmrrrr;r;}sh3333r'X#####X#PP353LP PPPP(OB5OOOO" !?      (  +  ,F        : : ? :  : : : : : :rceZdZddZedejfdZedefdZ dej fdZ de j defd Zd e jde j defd Zd ed edejddfdZdS)rKrr c||_||_||_t||}t |||_t ||t||dSrSrTrXs rr\z _EllipticCurvePublicKey.__init__r]rr c|jSrSr_r`s rraz_EllipticCurvePublicKey.curverbrc|jjSrSrdr`s rrez _EllipticCurvePublicKey.key_sizerfrc|j|j\}}|jj|j}|j||jjjk|j5}|jj |}|jj |}||||||}|j|dk|j |}|j |} dddn #1swxYwYtj || |j S)Nr>)xyra)rU _ec_key_determine_group_get_funcr@rr0rrr _tmp_bn_ctx BN_CTX_getrxr EllipticCurvePublicNumbersrW) rYget_funcr%r2bn_ctxbn_xbn_yrHrrs rrvz&_EllipticCurvePublicKey.public_numberssn-HH L  % "99$,GG $$Udm.@.E%EFFF ] & & ( ( /F=%0088D=%0088D(5%tV<3333r'X#####X#J =JJJJ&1M$>1511110(*  2 @ @ @ ? @  @ @ @ @ @ @rr)rr r N)typingcryptography.exceptionsrrr*cryptography.hazmat.backends.openssl.utilsrrcryptography.hazmat.primitivesr)cryptography.hazmat.primitives.asymmetricr TYPE_CHECKING,cryptography.hazmat.backends.openssl.backendr rrstrr)r.r3rr9rrIrPEllipticCurvePrivateKeyr;rrKrrrrsB   988888888888 EDDDDDD ;      iC<         9 # ":J     8  8%? 8GL 8  8 8 8 8   )         Y:Y:Y:Y:Y:r9Y:Y:Y:xb@b@b@b@b@b7b@b@b@b@b@r