3Tf,0ddlmZddlZddlmZmZmZddlmZm Z ddl m Z ddl m Z ejrddlmZ ddZdd Zdd Zdd Zdd Z ddZ ddZGdd e j0ZGdde j4Zy)) annotationsN)InvalidSignatureUnsupportedAlgorithm_Reasons)_calculate_digest_and_algorithm_evp_pkey_derive) serialization)ec)Backendclt|tjstdtj y)Nz/Unsupported elliptic curve signature algorithm.) isinstancer ECDSArr UNSUPPORTED_PUBLIC_KEY_ALGORITHM)signature_algorithms I/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/ec.py_check_signature_algorithmrs1 )288 4" =  5 5   5cb|jj|}|j||jjk7|jj |}||jj k(r td|jjs)|jj|dk(r td|jj|}|j||jjk7|jj|jd}|S)Nz@ECDSA keys with explicit parameters are unsupported at this timerascii) _libEC_KEY_get0_groupopenssl_assert_ffiNULLEC_GROUP_get_curve_name NID_undef ValueErrorCRYPTOGRAPHY_IS_LIBRESSLEC_GROUP_get_asn1_flag OBJ_nid2snstringdecode)backendec_keygroupnid curve_namesns r_ec_key_curve_snr)#s LL * *6 2E 5GLL$5$556 ,, . .u 5C gll$$$ N   LL 1 1 LL / / 6! ; N  ((-J :):)::;   Z ( / / 8B Ircd|jj||jjy)z Set the named curve flag on the EC_KEY. This causes OpenSSL to serialize EC keys along with their curve OID which makes deserialization easier. N)rEC_KEY_set_asn1_flagOPENSSL_EC_NAMED_CURVE)r#ec_cdatas r_mark_asn1_named_ec_curver.As% LL%%',,55rc^|jj|}|j||jjk7|jj |}|j||jjk7|jj ||r tdy)Nz;Cannot load an EC public key where the point is at infinity)rEC_KEY_get0_public_keyrrrrEC_POINT_is_at_infinityr)r#r-pointr%s r_check_key_infinityr3Ms LL / / 9E 5GLL$5$556 LL * *8 4E 5GLL$5$556||++E59 I  :rc tj|S#t$rt|dtj wxYw)Nz" is not a supported elliptic curve)r _CURVE_TYPESKeyErrorrrUNSUPPORTED_ELLIPTIC_CURVE)r#r(s r_sn_to_elliptic_curver8XsI r"$$  "d4 5  / /   s 'A_EllipticCurvePrivateKeyc|jj|j}|j|dkD|jj d|}|jj dd}|jj d|t||||j}|j|dk(|jj|d|dS)Nrzunsigned char[]zunsigned int[]) r ECDSA_size_ec_keyrrnew ECDSA_signlenbuffer)r# private_keydatamax_sizesigbuf siglen_ptrress r_ecdsa_sig_signrHbs||&&{':':;H 8a<( \\  / :F!!"2A6J ,, ! ! 4TFJ 0C0C C 3!8$ <<  v &A 77r_EllipticCurvePublicKeyc |jjd|t||t||j}|dk7r|j t y)Nrr;)r ECDSA_verifyr@r=_consume_errorsr)r# public_key signaturerCrGs r_ecdsa_sig_verifyrOqsS ,, # # 4TIs9~z7I7I C ax!rceZdZd dZed dZed dZ d dZddZddZ ddZ ddZ y )r9c||_||_||_t||}t |||_t ||t||yN_backendr= _evp_pkeyr)r8_curver.r3selfr# ec_key_cdataevp_pkeyr(s r__init__z!_EllipticCurvePrivateKey.__init__E # ! g| 4+GR8 !'<8G\2rc|jSrRrVrXs rcurvez_EllipticCurvePrivateKey.curve {{rc.|jjSrRr`key_sizer_s rrdz!_EllipticCurvePrivateKey.key_sizezz"""rc4|jj||jstdtj |jj |jj k7r tdt|j|j|S)Nz1This backend does not support the ECDH algorithm.z2peer_public_key and self are not on the same curve) rT+elliptic_curve_exchange_algorithm_supportedr`rrUNSUPPORTED_EXCHANGE_ALGORITHMnamerrrU)rX algorithmpeer_public_keys rexchangez!_EllipticCurvePrivateKey.exchanges MM E E4:: 'C77   % % 8D   t~~OOrc|jjj|j}|jj ||jj j k7|jjj|}|jj|}|jjj|j}|jj ||jj j k7|jjj||}|jj |dk(|jj|}t|j||SNr;) rTrrr=rrrr_ec_key_new_by_curve_nidr0EC_KEY_set_public_key_ec_cdata_to_evp_pkeyrI)rXr% curve_nid public_ec_keyr2rGrZs rrMz#_EllipticCurvePrivateKey.public_keys ""44T\\B $$Udmm.@.@.E.E%EFMM&&>>uE  >>yI  ""99$,,G $$Udmm.@.@.E.E%EFmm  66}eL $$SAX.==66}E&t}}mXNNrc|jjj|j}|jj |}t j ||jjS)N) private_valuepublic_numbers) rTrEC_KEY_get0_private_keyr= _bn_to_intr EllipticCurvePrivateNumbersrMrv)rXbnrus rprivate_numbersz(_EllipticCurvePrivateKey.private_numberss] ]]   7 7 E 004 --'??,;;=  rcj|jj|||||j|jSrR)rT_private_key_bytesrUr=)rXencodingformatencryption_algorithms r private_bytesz&_EllipticCurvePrivateKey.private_bytess5 }}//    NN LL   rcxt|t||j\}}t|j||SrR)rrrjrHrT)rXrCr_s rsignz_EllipticCurvePrivateKey.signs< ##671   ) ) at}}dD99rNr#r returnec.EllipticCurverint)rjzec.ECDHrkec.EllipticCurvePublicKeyrbytes)rr)rzec.EllipticCurvePrivateNumbers)r~serialization.Encodingrzserialization.PrivateFormatrz(serialization.KeySerializationEncryptionrr)rCrr"ec.EllipticCurveSignatureAlgorithmrr) __name__ __module__ __qualname__r[propertyr`rdrlrMr{rrrrr9r9s3##P P3LP P(O"   (  ,  G     : :@ :  :rc|eZdZd dZed dZed dZd dZddZddZ ddZ ddZ y )rIc||_||_||_t||}t |||_t ||t||yrRrSrWs rr[z _EllipticCurvePublicKey.__init__r\rc|jSrRr^r_s rr`z_EllipticCurvePublicKey.curverarc.|jjSrRrcr_s rrdz _EllipticCurvePublicKey.key_sizererct|tstS|jjj |j |j dk(Srn)r rINotImplementedrTr EVP_PKEY_cmprU)rXothers r__eq__z_EllipticCurvePublicKey.__eq__sD%!89! ! MM   + +DNNEOO L  rc|jjj|j}|jj ||jj j k7|jjj|j}|jj ||jj j k7|jj5}|jjj|}|jjj|}|jjj|||||}|jj |dk(|jj|}|jj|}dddtj|jS#1swY+xYw)Nr;)xyr`)rTrrr=rrrr0 _tmp_bn_ctx BN_CTX_getEC_POINT_get_affine_coordinatesrxr EllipticCurvePublicNumbersrV) rXr%r2bn_ctxbn_xbn_yrGrrs rrvz&_EllipticCurvePublicKey.public_numberssg ""44T\\B $$Udmm.@.@.E.E%EF ""99$,,G $$Udmm.@.@.E.E%EF ]] & & ( /F==%%008D==%%008D--$$DDudD&C MM ( ( 2 ((.A ((.A /,,qAT[[II / /s 1CG##G,c |tjjur!|jjj }n>|tjj usJ|jjj}|jjj|j}|jj||jjjk7|jjj|j}|jj||jjjk7|jj5}|jjj||||jjjd|}|jj|dkD|jjj!d|}|jjj||||||}|jj||k(ddd|jjj#ddS#1swY1xYw)Nrzchar[])r PublicFormatCompressedPointrTrPOINT_CONVERSION_COMPRESSEDUncompressedPointPOINT_CONVERSION_UNCOMPRESSEDrr=rrrr0rEC_POINT_point2octr>rA) rXr conversionr%r2rbuflenbufrGs r _encode_pointz%_EllipticCurvePublicKey._encode_point s ]//?? ?++GGJ]77III II++IIJ ""44T\\B $$Udmm.@.@.E.E%EF ""99$,,G $$Udmm.@.@.E.E%EF ]] & & ( 8F]]''::uj$--*<*<*A*A1fF MM ( (! 4--$$((6:C--$$77uj#vvC MM ( (3 7 8}}!!((-a00 8 8s ,CI11I:c|tjjus8|tjjus|tjj urn|tjjus6|tjjtjj fvr t d|j|S|jj||||jdS)NzKX962 encoding must be used with CompressedPoint or UncompressedPoint format) r EncodingX962rrrrrrT_public_key_bytesrU)rXr~rs r public_bytesz$_EllipticCurvePublicKey.public_bytes$s  ..33 333CCC33EEE}55:::f**::**<<M?!/ %%f- -==22&$ rc|t|t||j\}}t|j|||yrR)rrrjrOrT)rXrNrCrrs rverifyz_EllipticCurvePublicKey.verify=s; ##671   ) ) a $--y$?rNrrr)robjectrbool)rzec.EllipticCurvePublicNumbers)rserialization.PublicFormatrr)r~rrrrr)rNrrCrrrrNone) rrrr[rr`rdrrvrrrrrrrIrIs3## J*10(+  2 @ @ @@ @  @r)rrrr)r#r rstrr)r#r rr)r#r r(rrr)r#r rBr9rCrrr) r#r rMrIrNrrCrrr) __future__rtypingcryptography.exceptionsrrr*cryptography.hazmat.backends.openssl.utilsrrcryptography.hazmat.primitivesr )cryptography.hazmat.primitives.asymmetricr TYPE_CHECKING,cryptography.hazmat.backends.openssl.backendr rr)r.r3r8rHrOEllipticCurvePrivateKeyr9EllipticCurvePublicKeyrIrrrrs #  98 D ;   <    8  8#; 8CH 8  8   '      Y:r99Y:xm@b77m@r