U EZh+@sddlZddlmZmZmZddlmZmZddlm Z ddl m Z ej rVddl mZe jdddd Zd ed d d Zd dddZd dd ddZd ee jdddZd deedddZd deeddddZGddde jZGddde jZdS) N)InvalidSignatureUnsupportedAlgorithm_Reasons)_calculate_digest_and_algorithm_evp_pkey_derive) serialization)ec)Backend)signature_algorithmreturncCst|tjstdtjdS)Nz/Unsupported elliptic curve signature algorithm.) isinstancerZECDSArrZ UNSUPPORTED_PUBLIC_KEY_ALGORITHM)r r n/home/aprabhat/apps/x.techxrdev.in/venv/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/ec.py_check_signature_algorithms  rr )backendr cCs|j|}|||jjk|j|}||jjkr>td|jjs^|j |dkr^td|j |}|||jjk|j | d}|S)Nz@ECDSA keys with explicit parameters are unsupported at this timerascii) _libEC_KEY_get0_groupopenssl_assert_ffiNULLEC_GROUP_get_curve_nameZ NID_undef ValueErrorZCRYPTOGRAPHY_IS_LIBRESSLZEC_GROUP_get_asn1_flagZ OBJ_nid2snstringdecode)rZec_keygroupnidZ curve_namesnr r r_ec_key_curve_sn!s$    rrcCs|j||jjdS)z Set the named curve flag on the EC_KEY. This causes OpenSSL to serialize EC keys along with their curve OID which makes deserialization easier. N)rZEC_KEY_set_asn1_flagZOPENSSL_EC_NAMED_CURVE)rec_cdatar r r_mark_asn1_named_ec_curve?sr!cCsV|j|}|||jjk|j|}|||jjk|j||rRtddS)Nz;Cannot load an EC public key where the point is at infinity)rEC_KEY_get0_public_keyrrrrZEC_POINT_is_at_infinityr)rr pointrr r r_check_key_infinityKs  r$)rrr cCs:ztj|WStk r4t|dtjYnXdS)Nz" is not a supported elliptic curve)rZ _CURVE_TYPESKeyErrorrrZUNSUPPORTED_ELLIPTIC_CURVE)rrr r r_sn_to_elliptic_curveVsr&_EllipticCurvePrivateKey)r private_keydatar cCsz|j|j}||dk|jd|}|jdd}|jd|t||||j}||dk|j|d|dS)Nrzunsigned char[]zunsigned int[]) rZ ECDSA_size_ec_keyrrnewZ ECDSA_signlenbuffer)rr(r)max_sizeZsigbufZ siglen_ptrresr r r_ecdsa_sig_sign`sr1_EllipticCurvePublicKey)r public_key signaturer)r cCs8|jd|t||t||j}|dkr4|tdS)Nrr*)rZ ECDSA_verifyr-r+Z_consume_errorsr)rr3r4r)r0r r r_ecdsa_sig_verifyosr5c@seZdZddddZeejdddZeeddd Z ej ej e d d d Z ej dd dZejdddZejejeje dddZe eje dddZdS)r'r rcCs@||_||_||_t||}t|||_t||t||dSN_backendr+ _evp_pkeyrr&_curver!r$selfrZ ec_key_cdataevp_pkeyrr r r__init__~s   z!_EllipticCurvePrivateKey.__init__r cCs|jSr6r:r<r r rcurvesz_EllipticCurvePrivateKey.curvecCs|jjSr6rBkey_sizerAr r rrDsz!_EllipticCurvePrivateKey.key_size) algorithmpeer_public_keyr cCsD|j||jstdtj|jj|jjkr4tdt|j|j |S)Nz1This backend does not support the ECDH algorithm.z2peer_public_key and self are not on the same curve) r8Z+elliptic_curve_exchange_algorithm_supportedrBrrZUNSUPPORTED_EXCHANGE_ALGORITHMnamerrr9)r<rErFr r rexchangesz!_EllipticCurvePrivateKey.exchangecCs|jj|j}|j||jjjk|jj|}|j|}|jj |j}|j||jjjk|jj ||}|j|dk|j |}t |j||S)Nr*) r8rrr+rrrrZ_ec_key_new_by_curve_nidr"ZEC_KEY_set_public_keyZ_ec_cdata_to_evp_pkeyr2)r<rZ curve_nidZ public_ec_keyr#r0r=r r rr3s  z#_EllipticCurvePrivateKey.public_keycCs2|jj|j}|j|}tj||dS)N) private_valuepublic_numbers) r8rZEC_KEY_get0_private_keyr+ _bn_to_intrEllipticCurvePrivateNumbersr3rJ)r<ZbnrIr r rprivate_numberss   z(_EllipticCurvePrivateKey.private_numbers)encodingformatencryption_algorithmr cCs|j|||||j|jSr6)r8Z_private_key_bytesr9r+)r<rNrOrPr r r private_bytessz&_EllipticCurvePrivateKey.private_bytes)r)r r cCs&t|t||j\}}t|j||Sr6)rrrEr1r8)r<r)r _r r rsigns z_EllipticCurvePrivateKey.signN)__name__ __module__ __qualname__r>propertyr EllipticCurverBintrDZECDHEllipticCurvePublicKeybytesrHr3rLrMrEncodingZ PrivateFormatZKeySerializationEncryptionrQEllipticCurveSignatureAlgorithmrSr r r rr'}s(    c@seZdZddddZeejdddZeeddd Z ej dd d Z e j ed d dZe je j edddZeeejddddZdS)r2r rcCs@||_||_||_t||}t|||_t||t||dSr6r7r;r r rr>s   z _EllipticCurvePublicKey.__init__r?cCs|jSr6r@rAr r rrBsz_EllipticCurvePublicKey.curvecCs|jjSr6rCrAr r rrDsz _EllipticCurvePublicKey.key_sizec Cs|jj|j}|j||jjjk|jj|j}|j||jjjk|j`}|jj |}|jj |}|jj |||||}|j|dk|j |}|j |}W5QRXt j |||jdS)Nr*)xyrB)r8rrr+rrrr" _tmp_bn_ctxZ BN_CTX_getZEC_POINT_get_affine_coordinatesrKrEllipticCurvePublicNumbersr:) r<rr#bn_ctxZbn_xZbn_yr0r^r_r r rrJs$  z&_EllipticCurvePublicKey.public_numbers)rOr c Cs|tjjkr|jjj}n|tjjks(t|jjj}|jj |j }|j ||jj j k|jj|j }|j ||jj j k|jl}|jj||||jj j d|}|j |dk|jj d|}|jj||||||}|j ||kW5QRX|jj |ddS)Nrzchar[])r PublicFormatCompressedPointr8rZPOINT_CONVERSION_COMPRESSEDUncompressedPointAssertionErrorZPOINT_CONVERSION_UNCOMPRESSEDrr+rrrr"r`ZEC_POINT_point2octr,r.) r<rO conversionrr#rbbuflenbufr0r r r _encode_points:    z%_EllipticCurvePublicKey._encode_point)rNrOr cCsp|tjjks$|tjjks$|tjjkrV|tjjk sD|tjjtjjfkrLtd||S|j ||||j dSdS)NzKX962 encoding must be used with CompressedPoint or UncompressedPoint format) rr\ZX962rcrdrerrjr8Z_public_key_bytesr9)r<rNrOr r r public_bytess*    z$_EllipticCurvePublicKey.public_bytesN)r4r)r r cCs,t|t||j\}}t|j|||dSr6)rrrEr5r8)r<r4r)r rRr r rverify2s z_EllipticCurvePublicKey.verify)rTrUrVr>rWrrXrBrYrDrarJrrcr[rjr\rkr]rlr r r rr2s   )typingZcryptography.exceptionsrrrZ*cryptography.hazmat.backends.openssl.utilsrrZcryptography.hazmat.primitivesrZ)cryptography.hazmat.primitives.asymmetricr TYPE_CHECKINGZ,cryptography.hazmat.backends.openssl.backendr r]rstrrr!r$rXr&r[r1r5ZEllipticCurvePrivateKeyr'rZr2r r r rs4         \