U mf @sddlmZddlmZddlmZmZddlmZm Z ddl m Z ddl m Z Gddde ZGd d d eZGd d d eZGd ddeZGdddeZGdddeZdS))default_backend)hashes)ecutils)CryptographyPrivateKeyCryptographyPublicKey) Algorithm)DNSKEYc@sveZdZUejed<ejZeed<ej ed<ej ed<e ed<e e dddd Z e d d d Zeedd ddZdS) PublicECDSAkey algorithm chosen_hashcurveoctetsN) signaturedatareturncCsT|d|j}||jd}tt|dt|d}|j||t|j dS)Nrbig) rrZencode_dss_signatureint from_bytesr verifyrECDSAr )selfrrZsig_rZsig_ssigrB/opt/hc_python/lib/python3.8/site-packages/dns/dnssecalgs/ecdsa.pyrs zPublicECDSA.verifyrcCs*|j}|j|jd|j|jdS)z,Encode a public key per RFC 6605, section 4.r)r Zpublic_numbersxto_bytesry)rZpnrrrencode_key_bytess zPublicECDSA.encode_key_bytes)r rcCs`|||jd|j}|j|j|jd}|tj|jt|dt|ddt dS)Nrr)rrrr ) Z!_ensure_algorithm_key_combinationr rrZEllipticCurvePublicNumbersrrr public_keyr)clsr Zecdsa_xZecdsa_yrrr from_dnskeys   zPublicECDSA.from_dnskey)__name__ __module__ __qualname__rZEllipticCurvePublicKey__annotations__key_clsrrZ HashAlgorithmZ EllipticCurverbytesrr classmethodr r%rrrrr s    r c@sHeZdZUejed<ejZeZd e e e dddZ e ddddZ d S) PrivateECDSAr F)rrrcCsf|j|t|jj}t|\}}tj ||jj ddtj ||jj dd}|rb| |||S)z1Sign using a private key per RFC 6605, section 4.r)length byteorder) r signrr public_clsr rZdecode_dss_signaturerrrr#r)rrrZ der_signatureZdsa_rZdsa_srrrrr02szPrivateECDSA.signrcCs|tj|jjtddS)N)rbackendr")rZgenerate_private_keyr1rr)r$rrrgenerate=s zPrivateECDSA.generateN)F)r&r'r(rZEllipticCurvePrivateKeyr)r*r r1r+boolr0r,r3rrrrr--s   r-c@s&eZdZejZeZe Z dZ dS)PublicECDSAP256SHA256 N) r&r'r(rZECDSAP256SHA256r rSHA256r rZ SECP256R1rrrrrrr5Fsr5c@seZdZeZdS)PrivateECDSAP256SHA256N)r&r'r(r5r1rrrrr8Msr8c@s&eZdZejZeZe Z dZ dS)PublicECDSAP384SHA3840N) r&r'r(rZECDSAP384SHA384r rSHA384r rZ SECP384R1rrrrrrr9Qsr9c@seZdZeZdS)PrivateECDSAP384SHA384N)r&r'r(r9r1rrrrr<Xsr<N)Zcryptography.hazmat.backendsrZcryptography.hazmat.primitivesrZ)cryptography.hazmat.primitives.asymmetricrrZdns.dnssecalgs.cryptographyrrZdns.dnssectypesrZdns.rdtypes.ANY.DNSKEYr r r-r5r8r9r<rrrrs    #