U ςd,@sddlmZddlZddlmZmZmZddlmZm Z ddl m Z ddl m Z ejrbddlmZdd d d d Zd ddddZd dddZd d dddZd dddddZd ddddddZd d ddd d!d"d#ZGd$dde jZGd%d d e jZdS)&) annotationsN)InvalidSignatureUnsupportedAlgorithm_Reasons)_calculate_digest_and_algorithm_evp_pkey_derive) serialization)ec)Backend"ec.EllipticCurveSignatureAlgorithmNone)signature_algorithmreturncCst|tjstdtjdS)Nz/Unsupported elliptic curve signature algorithm.) isinstancer ZECDSArrZ UNSUPPORTED_PUBLIC_KEY_ALGORITHM)r rd/var/www/html/myproject/myenv/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/ec.py_check_signature_algorithms  rr str)backendrcCs|j|}|||jjk|j|}||jjkr>td|jjs^|j |dkr^td|j |}|||jjk|j | d}|S)Nz@ECDSA keys with explicit parameters are unsupported at this timerascii) _libEC_KEY_get0_groupopenssl_assert_ffiNULLEC_GROUP_get_curve_nameZ NID_undef ValueErrorZCRYPTOGRAPHY_IS_LIBRESSLZEC_GROUP_get_asn1_flagZ OBJ_nid2snstringdecode)rZec_keygroupnidZ curve_namesnrrr_ec_key_curve_sn#s$    r"rcCs|j||jjdS)z Set the named curve flag on the EC_KEY. This causes OpenSSL to serialize EC keys along with their curve OID which makes deserialization easier. N)rZEC_KEY_set_asn1_flagZOPENSSL_EC_NAMED_CURVE)rec_cdatarrr_mark_asn1_named_ec_curveAsr%cCsV|j|}|||jjk|j|}|||jjk|j||rRtddS)Nz;Cannot load an EC public key where the point is at infinity)rEC_KEY_get0_public_keyrrrrZEC_POINT_is_at_infinityr)rr$pointrrrr_check_key_infinityMs  r(ec.EllipticCurve)rr!rcCs:ztj|WStk r4t|dtjYnXdS)Nz" is not a supported elliptic curve)r Z _CURVE_TYPESKeyErrorrrZUNSUPPORTED_ELLIPTIC_CURVE)rr!rrr_sn_to_elliptic_curveXsr+_EllipticCurvePrivateKeybytes)r private_keydatarcCsz|j|j}||dk|jd|}|jdd}|jd|t||||j}||dk|j|d|dS)Nrzunsigned char[]zunsigned int[]) rZ ECDSA_size_ec_keyrrnewZ ECDSA_signlenbuffer)rr.r/max_sizeZsigbufZ siglen_ptrresrrr_ecdsa_sig_signbsr7_EllipticCurvePublicKey)r public_key signaturer/rcCs8|jd|t||t||j}|dkr4|tdS)Nrr0)rZ ECDSA_verifyr3r1Z_consume_errorsr)rr9r:r/r6rrr_ecdsa_sig_verifyqsr;c@seZdZddddZeddddZed dd d Zd d ddddZd dddZddddZ dddddddZ dddddd Z d!S)"r,r r#cCs@||_||_||_t||}t|||_t||t||dSN_backendr1 _evp_pkeyr"r+_curver%r(selfrZ ec_key_cdataevp_pkeyr!rrr__init__s   z!_EllipticCurvePrivateKey.__init__r)rcCs|jSr<r@rBrrrcurvesz_EllipticCurvePrivateKey.curveintcCs|jjSr<rHkey_sizerGrrrrKsz!_EllipticCurvePrivateKey.key_sizezec.ECDHzec.EllipticCurvePublicKeyr-) algorithmpeer_public_keyrcCsD|j||jstdtj|jj|jjkr4tdt|j|j |S)Nz1This backend does not support the ECDH algorithm.z2peer_public_key and self are not on the same curve) r>Z+elliptic_curve_exchange_algorithm_supportedrHrrZUNSUPPORTED_EXCHANGE_ALGORITHMnamerrr?)rBrLrMrrrexchangesz!_EllipticCurvePrivateKey.exchangecCs|jj|j}|j||jjjk|jj|}|j|}|jj |j}|j||jjjk|jj ||}|j|dk|j |}t |j||SNr0) r>rrr1rrrrZ_ec_key_new_by_curve_nidr&ZEC_KEY_set_public_keyZ_ec_cdata_to_evp_pkeyr8)rBrZ curve_nidZ public_ec_keyr'r6rCrrrr9s  z#_EllipticCurvePrivateKey.public_keyzec.EllipticCurvePrivateNumberscCs2|jj|j}|j|}tj||dS)N) private_valuepublic_numbers) r>rZEC_KEY_get0_private_keyr1 _bn_to_intr ZEllipticCurvePrivateNumbersr9rR)rBZbnrQrrrprivate_numberss   z(_EllipticCurvePrivateKey.private_numbersserialization.Encodingzserialization.PrivateFormatz(serialization.KeySerializationEncryption)encodingformatencryption_algorithmrcCs|j|||||j|jSr<)r>Z_private_key_bytesr?r1)rBrVrWrXrrr private_bytessz&_EllipticCurvePrivateKey.private_bytesr )r/r rcCs&t|t||j\}}t|j||Sr<)rrrLr7r>)rBr/r _rrrsigns z_EllipticCurvePrivateKey.signN) __name__ __module__ __qualname__rDpropertyrHrKrOr9rTrYr[rrrrr,s c@seZdZddddZeddddZed dd d Zd d dddZddddZdddddZ ddddddZ dddddd d!Z d"S)#r8r r#cCs@||_||_||_t||}t|||_t||t||dSr<r=rArrrrDs   z _EllipticCurvePublicKey.__init__r)rEcCs|jSr<rFrGrrrrHsz_EllipticCurvePublicKey.curverIcCs|jjSr<rJrGrrrrKsz _EllipticCurvePublicKey.key_sizeobjectbool)otherrcCs&t|tstS|jj|j|jdkSrP)rr8NotImplementedr>rZ EVP_PKEY_cmpr?)rBrbrrr__eq__s  z_EllipticCurvePublicKey.__eq__zec.EllipticCurvePublicNumbersc Cs|jj|j}|j||jjjk|jj|j}|j||jjjk|j`}|jj |}|jj |}|jj |||||}|j|dk|j |}|j |}W5QRXt j |||jdS)Nr0)xyrH)r>rrr1rrrr& _tmp_bn_ctxZ BN_CTX_getZEC_POINT_get_affine_coordinatesrSr ZEllipticCurvePublicNumbersr@) rBrr'bn_ctxZbn_xZbn_yr6rerfrrrrRs$  z&_EllipticCurvePublicKey.public_numberszserialization.PublicFormatr-)rWrc Cs|tjjkr|jjj}n|tjjks(t|jjj}|jj |j }|j ||jj j k|jj|j }|j ||jj j k|jl}|jj||||jj j d|}|j |dk|jj d|}|jj||||||}|j ||kW5QRX|jj |ddS)Nrzchar[])r PublicFormatCompressedPointr>rZPOINT_CONVERSION_COMPRESSEDUncompressedPointAssertionErrorZPOINT_CONVERSION_UNCOMPRESSEDrr1rrrr&rgZEC_POINT_point2octr2r4) rBrW conversionrr'rhbuflenbufr6rrr _encode_point s:    z%_EllipticCurvePublicKey._encode_pointrU)rVrWrcCsp|tjjks$|tjjks$|tjjkrV|tjjk sD|tjjtjjfkrLtd||S|j ||||j dSdS)NzKX962 encoding must be used with CompressedPoint or UncompressedPoint format) rZEncodingZX962rirjrkrrpr>Z_public_key_bytesr?)rBrVrWrrr public_bytes$s*    z$_EllipticCurvePublicKey.public_bytesr r )r:r/r rcCs,t|t||j\}}t|j|||dSr<)rrrLr;r>)rBr:r/r rZrrrverify=s z_EllipticCurvePublicKey.verifyN) r\r]r^rDr_rHrKrdrRrprqrrrrrrr8s  ) __future__rtypingZcryptography.exceptionsrrrZ*cryptography.hazmat.backends.openssl.utilsrrZcryptography.hazmat.primitivesrZ)cryptography.hazmat.primitives.asymmetricr TYPE_CHECKINGZ,cryptography.hazmat.backends.openssl.backendr rr"r%r(r+r7r;ZEllipticCurvePrivateKeyr,ZEllipticCurvePublicKeyr8rrrrs        \