o e,@sddlmZddlZddlmZmZmZddlmZm Z ddl m Z ddl m Z ejr1ddlmZd(d d Zd)ddZd*ddZd+ddZd,ddZd-dd Zd.d$d%ZGd&dde jZGd'd"d"e jZdS)/) annotationsN)InvalidSignatureUnsupportedAlgorithm_Reasons)_calculate_digest_and_algorithm_evp_pkey_derive) serialization)ec)Backendsignature_algorithm"ec.EllipticCurveSignatureAlgorithmreturnNonecCst|tjs tdtjdS)Nz/Unsupported elliptic curve signature algorithm.) isinstancer ECDSArr UNSUPPORTED_PUBLIC_KEY_ALGORITHM)r rZ/var/www/html/venv/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/ec.py_check_signature_algorithms rbackendr strcCs|j|}|||jjk|j|}||jjkrtd|jjs/|j |dkr/td|j |}|||jjk|j | d}|S)Nz@ECDSA keys with explicit parameters are unsupported at this timerascii) _libEC_KEY_get0_groupopenssl_assert_ffiNULLEC_GROUP_get_curve_name NID_undef ValueErrorCRYPTOGRAPHY_IS_LIBRESSLEC_GROUP_get_asn1_flag OBJ_nid2snstringdecode)rec_keygroupnid curve_namesnrrr_ec_key_curve_sn#s"    r*cCs|j||jjdS)z Set the named curve flag on the EC_KEY. This causes OpenSSL to serialize EC keys along with their curve OID which makes deserialization easier. N)rEC_KEY_set_asn1_flagOPENSSL_EC_NAMED_CURVE)rec_cdatarrr_mark_asn1_named_ec_curveAsr.cCsV|j|}|||jjk|j|}|||jjk|j||r)tddS)Nz;Cannot load an EC public key where the point is at infinity)rEC_KEY_get0_public_keyrrrrEC_POINT_is_at_infinityr)rr-pointr&rrr_check_key_infinityMs  r2r)ec.EllipticCurvecCs0ztj|WStyt|dtjw)Nz" is not a supported elliptic curve)r _CURVE_TYPESKeyErrorrrUNSUPPORTED_ELLIPTIC_CURVE)rr)rrr_sn_to_elliptic_curveXs r7 private_key_EllipticCurvePrivateKeydatabytescCsz|j|j}||dk|jd|}|jdd}|jd|t||||j}||dk|j|d|dS)Nrzunsigned char[]zunsigned int[]) r ECDSA_size_ec_keyrrnew ECDSA_signlenbuffer)rr8r:max_sizesigbuf siglen_ptrresrrr_ecdsa_sig_signbsrG public_key_EllipticCurvePublicKey signaturecCs8|jd|t||t||j}|dkr|tdS)Nrr<)r ECDSA_verifyrAr>_consume_errorsr)rrHrJr:rFrrr_ecdsa_sig_verifyqsrMc@sdeZdZd&ddZed'ddZed(d d Zd)ddZd*ddZd+ddZ d,ddZ d-d#d$Z d%S).r9rr cC@||_||_||_t||}t|||_t||t||dSN_backendr> _evp_pkeyr*r7_curver.r2selfr ec_key_cdataevp_pkeyr)rrr__init__   z!_EllipticCurvePrivateKey.__init__r r3cC|jSrOrSrUrrrcurvez_EllipticCurvePrivateKey.curveintcC|jjSrOr]key_sizer\rrrrbz!_EllipticCurvePrivateKey.key_size algorithmec.ECDHpeer_public_keyec.EllipticCurvePublicKeyr;cCsD|j||jstdtj|jj|jjkrtdt|j|j |S)Nz1This backend does not support the ECDH algorithm.z2peer_public_key and self are not on the same curve) rQ+elliptic_curve_exchange_algorithm_supportedr]rrUNSUPPORTED_EXCHANGE_ALGORITHMnamerrrR)rUrdrfrrrexchangesz!_EllipticCurvePrivateKey.exchangecCs|jj|j}|j||jjjk|jj|}|j|}|jj |j}|j||jjjk|jj ||}|j|dk|j |}t |j||SNr<) rQrrr>rrrr_ec_key_new_by_curve_nidr/EC_KEY_set_public_key_ec_cdata_to_evp_pkeyrI)rUr& curve_nid public_ec_keyr1rFrWrrrrHs  z#_EllipticCurvePrivateKey.public_keyec.EllipticCurvePrivateNumberscCs2|jj|j}|j|}tj||dS)N) private_valuepublic_numbers) rQrEC_KEY_get0_private_keyr> _bn_to_intr EllipticCurvePrivateNumbersrHrt)rUbnrsrrrprivate_numberss   z(_EllipticCurvePrivateKey.private_numbersencodingserialization.Encodingformatserialization.PrivateFormatencryption_algorithm(serialization.KeySerializationEncryptioncCs|j|||||j|jSrO)rQ_private_key_bytesrRr>)rUrzr|r~rrr private_bytessz&_EllipticCurvePrivateKey.private_bytesr:r r cCs&t|t||j\}}t|j||SrO)rrrdrGrQ)rUr:r _rrrsigns z_EllipticCurvePrivateKey.signNrr r r3r r_)rdrerfrgr r;)r rg)r rr)rzr{r|r}r~rr r;)r:r;r r r r;) __name__ __module__ __qualname__rXpropertyr]rbrkrHryrrrrrrr9s       c@sdeZdZd%ddZed&ddZed'd d Zd(ddZd)ddZd*ddZ d+ddZ d,d"d#Z d$S)-rIrr cCrNrOrPrTrrrrXrYz _EllipticCurvePublicKey.__init__r r3cCrZrOr[r\rrrr]r^z_EllipticCurvePublicKey.curver_cCr`rOrar\rrrrbrcz _EllipticCurvePublicKey.key_sizeotherobjectboolcCs&t|tstS|jj|j|jdkSrl)rrINotImplementedrQr EVP_PKEY_cmprR)rUrrrr__eq__s z_EllipticCurvePublicKey.__eq__ec.EllipticCurvePublicNumbersc Cs|jj|j}|j||jjjk|jj|j}|j||jjjk|j5}|jj |}|jj |}|jj |||||}|j|dk|j |}|j |}Wdn1scwYt j |||jdS)Nr<)xyr])rQrrr>rrrr/ _tmp_bn_ctx BN_CTX_getEC_POINT_get_affine_coordinatesrvr EllipticCurvePublicNumbersrS) rUr&r1bn_ctxbn_xbn_yrFrrrrrrts    z&_EllipticCurvePublicKey.public_numbersr|serialization.PublicFormatr;c Cs$|tjjur |jjj}n |tjjusJ|jjj}|jj|j }|j ||jj j k|jj |j }|j ||jj j k|j;}|jj||||jj j d|}|j |dk|jj d|}|jj||||||}|j ||kWdn1swY|jj |ddS)Nrzchar[])r PublicFormatCompressedPointrQrPOINT_CONVERSION_COMPRESSEDUncompressedPointPOINT_CONVERSION_UNCOMPRESSEDrr>rrrr/rEC_POINT_point2octr?rB) rUr| conversionr&r1rbuflenbufrFrrr _encode_point s(      z%_EllipticCurvePublicKey._encode_pointrzr{cCsl|tjjus|tjjus|tjjur+|tjjus"|tjjtjjfvr&td||S|j ||||j dS)NzKX962 encoding must be used with CompressedPoint or UncompressedPoint format) rEncodingX962rrrrrrQ_public_key_bytesrR)rUrzr|rrr public_bytes$s     z$_EllipticCurvePublicKey.public_bytesrJr:r r rcCs,t|t||j\}}t|j|||dSrO)rrrdrMrQ)rUrJr:r rrrrverify=s z_EllipticCurvePublicKey.verifyNrrr)rrr r)r r)r|rr r;)rzr{r|rr r;)rJr;r:r;r r r r) rrrrXrr]rbrrtrrrrrrrrIs      )r r r r)rr r rr)rr r r)rr r)rr r3)rr r8r9r:r;r r;) rr rHrIrJr;r:r;r r) __future__rtypingcryptography.exceptionsrrr*cryptography.hazmat.backends.openssl.utilsrrcryptography.hazmat.primitivesr)cryptography.hazmat.primitives.asymmetricr TYPE_CHECKING,cryptography.hazmat.backends.openssl.backendr rr*r.r2r7rGrMEllipticCurvePrivateKeyr9EllipticCurvePublicKeyrIrrrrs"       \