3 l_6&@sddlmZmZmZddlZddlZddlZddlmZddl m Z ddl m Z Gddde ZejejGdd d e ZejejGd d d e ZejejGd d d e ZejejGdddeZejejGddde ZeZejeGddde ZejeGddde ZejeGddde ZejeGddde ZejeGddde ZejeGddde ZejeGddde ZejeGd d!d!e ZejeGd"d#d#e Z ejeGd$d%d%e Z!ejeGd&d'd'e Z"ejeGd(d)d)e Z#ejeGd*d+d+e Z$ejeGd,d-d-e Z%ejeGd.d/d/e Z&ejeGd0d1d1e Z'ejeGd2d3d3e Z(ejeGd4d5d5e Z)ejeGd6d7d7e Z*e'e$e'e&e$e#e"e%e!e eeeeeeeee(e)e*d8Z+ejeGd9d:d:e Z,dGd;d<Z-dHd=d>Z.Gd?d@d@e Z/GdAdBdBe Z0GdCdDdDe Z1ej'e'ej&e&ej%e%ej$e$ej#e#ej"e"ej2e(ej3e)ej4e*ej!e!ejeej e ejeejeejeejeejeejeejeiZ5dEdFZ6dS)I)absolute_importdivisionprint_functionN)utils)ObjectIdentifier) _get_backendc@seZdZedZedZedZedZedZedZ edZ edZ ed Z ed Z ed Zed Zed ZedZedZedZedZedZedZdS)EllipticCurveOIDz1.2.840.10045.3.1.1z 1.3.132.0.33z 1.3.132.0.10z1.2.840.10045.3.1.7z 1.3.132.0.34z 1.3.132.0.35z1.3.36.3.3.2.8.1.1.7z1.3.36.3.3.2.8.1.1.11z1.3.36.3.3.2.8.1.1.13z 1.3.132.0.1z 1.3.132.0.15z 1.3.132.0.26z 1.3.132.0.27z 1.3.132.0.16z 1.3.132.0.17z 1.3.132.0.36z 1.3.132.0.37z 1.3.132.0.38z 1.3.132.0.39N)__name__ __module__ __qualname__r SECP192R1 SECP224R1 SECP256K1 SECP256R1 SECP384R1 SECP521R1BRAINPOOLP256R1BRAINPOOLP384R1BRAINPOOLP512R1 SECT163K1 SECT163R2 SECT233K1 SECT233R1 SECT283K1 SECT283R1 SECT409K1 SECT409R1 SECT571K1 SECT571R1rr/usr/lib64/python3.6/ec.pyrs&rc@s(eZdZejddZejddZdS) EllipticCurvecCsdS)z8 The name of the curve. e.g. secp256r1. Nr)selfrrr name)szEllipticCurve.namecCsdS)z< Bit size of a secret scalar for the curve. Nr)r"rrr key_size/szEllipticCurve.key_sizeN)r r r abcabstractpropertyr#r$rrrr r!'sr!c@seZdZejddZdS)EllipticCurveSignatureAlgorithmcCsdS)z@ The digest algorithm used with this signature. Nr)r"rrr algorithm8sz)EllipticCurveSignatureAlgorithm.algorithmN)r r r r%r&r(rrrr r'6sr'c@s`eZdZejddZejddZejddZejddZ ejd d Z ejd d Z d S)EllipticCurvePrivateKeycCsdS)zN Returns an AsymmetricSignatureContext used for signing data. Nr)r"signature_algorithmrrr signerAszEllipticCurvePrivateKey.signercCsdS)z} Performs a key exchange operation using the provided algorithm with the provided peer's public key. Nr)r"r(Zpeer_public_keyrrr exchangeGsz EllipticCurvePrivateKey.exchangecCsdS)zB The EllipticCurvePublicKey for this private key. Nr)r"rrr public_keyNsz"EllipticCurvePrivateKey.public_keycCsdS)z8 The EllipticCurve that this key is on. Nr)r"rrr curveTszEllipticCurvePrivateKey.curvecCsdS)z< Bit size of a secret scalar for the curve. Nr)r"rrr r$Zsz EllipticCurvePrivateKey.key_sizecCsdS)z Signs the data Nr)r"datar*rrr sign`szEllipticCurvePrivateKey.signN) r r r r%abstractmethodr+r,r-r&r.r$r0rrrr r)?s r)c@s(eZdZejddZejddZdS)(EllipticCurvePrivateKeyWithSerializationcCsdS)z9 Returns an EllipticCurvePrivateNumbers. Nr)r"rrr private_numbersisz8EllipticCurvePrivateKeyWithSerialization.private_numberscCsdS)z6 Returns the key serialized as bytes. Nr)r"encodingformatZencryption_algorithmrrr private_bytesosz6EllipticCurvePrivateKeyWithSerialization.private_bytesN)r r r r%r1r3r6rrrr r2gsr2c@sleZdZejddZejddZejddZejddZ ejd d Z ejd d Z e d dZ dS)EllipticCurvePublicKeycCsdS)zQ Returns an AsymmetricVerificationContext used for signing data. Nr)r" signaturer*rrr verifierxszEllipticCurvePublicKey.verifiercCsdS)z8 The EllipticCurve that this key is on. Nr)r"rrr r.~szEllipticCurvePublicKey.curvecCsdS)z< Bit size of a secret scalar for the curve. Nr)r"rrr r$szEllipticCurvePublicKey.key_sizecCsdS)z8 Returns an EllipticCurvePublicNumbers. Nr)r"rrr public_numberssz%EllipticCurvePublicKey.public_numberscCsdS)z6 Returns the key serialized as bytes. Nr)r"r4r5rrr public_bytessz#EllipticCurvePublicKey.public_bytescCsdS)z5 Verifies the signature of the data. Nr)r"r8r/r*rrr verifyszEllipticCurvePublicKey.verifycCsbtjd|t|tstdt|dkr2tdtj|dd krJtddd l m }|j ||S) Nr/z'curve must be an EllipticCurve instancerz%data must not be an empty byte stringz%Unsupported elliptic curve point type)backend)r=r>r?) r _check_bytes isinstancer! TypeErrorlen ValueErrorsixZ indexbytesZ,cryptography.hazmat.backends.openssl.backendr@Z load_elliptic_curve_public_bytes)clsr.r/r@rrr from_encoded_points    z)EllipticCurvePublicKey.from_encoded_pointN)r r r r%r1r9r&r.r$r:r;r< classmethodrHrrrr r7vsr7c@seZdZdZdZdS)r sect571r1i:N)r r r r#r$rrrr rsrc@seZdZdZdZdS)r sect409r1iN)r r r r#r$rrrr rsrc@seZdZdZdZdS)r sect283r1iN)r r r r#r$rrrr rsrc@seZdZdZdZdS)r sect233r1N)r r r r#r$rrrr rsrc@seZdZdZdZdS)r sect163r2N)r r r r#r$rrrr rsrc@seZdZdZdZdS)r sect571k1i;N)r r r r#r$rrrr rsrc@seZdZdZdZdS)r sect409k1iN)r r r r#r$rrrr rsrc@seZdZdZdZdS)r sect283k1iN)r r r r#r$rrrr rsrc@seZdZdZdZdS)r sect233k1rNN)r r r r#r$rrrr rsrc@seZdZdZdZdS)r sect163k1rPN)r r r r#r$rrrr rsrc@seZdZdZdZdS)r secp521r1i N)r r r r#r$rrrr rsrc@seZdZdZdZdS)r secp384r1iN)r r r r#r$rrrr rsrc@seZdZdZdZdS)r secp256r1N)r r r r#r$rrrr rsrc@seZdZdZdZdS)r secp256k1rYN)r r r r#r$rrrr rsrc@seZdZdZdZdS)r secp224r1N)r r r r#r$rrrr r sr c@seZdZdZdZdS)r secp192r1N)r r r r#r$rrrr r sr c@seZdZdZdZdS)BrainpoolP256R1brainpoolP256r1rYN)r r r r#r$rrrr r_sr_c@seZdZdZdZdS)BrainpoolP384R1brainpoolP384r1iN)r r r r#r$rrrr rasrac@seZdZdZdZdS)BrainpoolP512R1brainpoolP512r1iN)r r r r#r$rrrr rcsrc)Z prime192v1Z prime256v1r]r[rXrWrVrZrUrTrSrRrQrOrMrLrKrJr`rbrdc@seZdZddZejdZdS)ECDSAcCs ||_dS)N) _algorithm)r"r(rrr __init__>szECDSA.__init__rfN)r r r rgrread_only_propertyr(rrrr re<srecCst|}|j|S)N)rZ#generate_elliptic_curve_private_key)r.r@rrr generate_private_keyDsricCsJt|}t|tjstd|dkr,tdt|ts>td|j||S)Nz&private_value must be an integer type.rz)private_value must be a positive integer.z/curve must provide the EllipticCurve interface.)rrBrF integer_typesrCrEr!Z!derive_elliptic_curve_private_key) private_valuer.r@rrr derive_private_keyIs  rlc@speZdZddZdddZddZedd Zej d Z ej d Z ej d Z d dZ ddZddZddZdS)EllipticCurvePublicNumberscCsLt|tj st|tj r$tdt|ts6td||_||_||_dS)Nzx and y must be integers.z/curve must provide the EllipticCurve interface.)rBrFrjrCr!_y_x_curve)r"xyr.rrr rgXs  z#EllipticCurvePublicNumbers.__init__NcCst|}|j|S)N)rZ"load_elliptic_curve_public_numbers)r"r@rrr r-esz%EllipticCurvePublicNumbers.public_keycCsBtjdtjdd|jjdd}dtj|j|tj|j|S)Nzencode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.r=) stacklevel) warningswarnrPersistentlyDeprecated2019r.r$Z int_to_bytesrqrr)r" byte_lengthrrr encode_pointis z'EllipticCurvePublicNumbers.encode_pointcCst|tstdtjdtjdd|jdr|jdd}t |d|dkrtj |d|dd }tj ||ddd }||||St d nt d dS) Nz'curve must be an EllipticCurve instancezSupport for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_pointr=)rsrvrtruZbigz(Invalid elliptic curve point data lengthz%Unsupported elliptic curve point type) rBr!rCrwrxrry startswithr$rDZint_from_bytesrE)rGr.r/rzrqrrrrr rHzs    z-EllipticCurvePublicNumbers.from_encoded_pointrprorncCsFt|tstS|j|jkoD|j|jkoD|jj|jjkoD|jj|jjkS)N)rBrmNotImplementedrqrrr.r#r$)r"otherrrr __eq__s    z!EllipticCurvePublicNumbers.__eq__cCs ||k S)Nr)r"rrrr __ne__sz!EllipticCurvePublicNumbers.__ne__cCst|j|j|jj|jjfS)N)hashrqrrr.r#r$)r"rrr __hash__sz#EllipticCurvePublicNumbers.__hash__cCs dj|S)NzC)r5)r"rrr __repr__sz#EllipticCurvePublicNumbers.__repr__)N)r r r rgr-r{rIrHrrhr.rqrrrrrrrrrr rmWs      rmc@sJeZdZddZdddZejdZejdZdd Z d d Z d d Z dS)EllipticCurvePrivateNumberscCs6t|tjstdt|ts&td||_||_dS)Nz!private_value must be an integer.z>public_numbers must be an EllipticCurvePublicNumbers instance.)rBrFrjrCrm_private_value_public_numbers)r"rkr:rrr rgs  z$EllipticCurvePrivateNumbers.__init__NcCst|}|j|S)N)rZ#load_elliptic_curve_private_numbers)r"r@rrr private_keysz'EllipticCurvePrivateNumbers.private_keyrrcCs&t|tstS|j|jko$|j|jkS)N)rBrr~rkr:)r"rrrr rs  z"EllipticCurvePrivateNumbers.__eq__cCs ||k S)Nr)r"rrrr rsz"EllipticCurvePrivateNumbers.__ne__cCst|j|jfS)N)rrkr:)r"rrr rsz$EllipticCurvePrivateNumbers.__hash__)N) r r r rgrrrhrkr:rrrrrrr rs    rc@s eZdZdS)ECDHN)r r r rrrr rsrc Cs*yt|Stk r$tdYnXdS)NzCThe provided object identifier has no matching elliptic curve class) _OID_TO_CURVEKeyError LookupError)Zoidrrr get_curve_for_oids r)N)N)7Z __future__rrrr%rwrFZ cryptographyrZcryptography.hazmat._oidrZcryptography.hazmat.backendsrobjectrZ add_metaclassABCMetar!r'r)r2r7Z'EllipticCurvePublicKeyWithSerializationZregister_interfacerrrrrrrrrrrrrrr r r_rarcZ _CURVE_TYPESrerirlrmrrrrrrrrrrr s   '7  X%