o )%a9@sUddlZddlZddlZddlmZddlmZddlmZddl m Z m Z ddl m Z mZmZGdddeZGd d d ejd ZGd d d ejd ZGdddejd ZeZGdddejd ZeZGdddeZGdddeZGdddeZGdddeZGdddeZGdddeZGdddeZGd d!d!eZ Gd"d#d#eZ!Gd$d%d%eZ"Gd&d'd'eZ#Gd(d)d)eZ$Gd*d+d+eZ%Gd,d-d-eZ&Gd.d/d/eZ'Gd0d1d1eZ(Gd2d3d3eZ)Gd4d5d5eZ*Gd6d7d7eZ+id8e(d9e%d:e(d;e'de#d?e&d@e"dAe!dBe dCedDedEedFedGedHeee)e*e+dIZ,ej-e.ej/efe0dJ<GdKdLdLeZ1 d]dMedNefdOdPZ2 d]dQe3dMedNefdRdSZ4GdTdUdUeZ5GdVdWdWeZ6GdXdYdYeZ7iej(e(ej'e'ej&e&ej%e%ej$e$ej#e#ej8e)ej9e*ej:e+ej"e"ejeej!e!ejeej e ejeejeejeejeejeiZ;dZedNej/efd[d\Zr,r"r@r.r*rBrDrEncoding PrivateFormatKeySerializationEncryptionrIr r r r!r7CsN     r7c @seZdZejdededefddZej de fddZ ej de fdd Z ejdd d Zejd ejdejdefddZejdedededdfddZede deddfddZdS)r< signaturer8r#cCr$)zQ Returns an AsymmetricVerificationContext used for signing data. Nr )r&rOr8r r r!verifierr(zEllipticCurvePublicKey.verifiercCr$r?r r%r r r!r@r(zEllipticCurvePublicKey.curvecCr$r)r r%r r r!r*r(zEllipticCurvePublicKey.key_sizeEllipticCurvePublicNumberscCr$)z8 Returns an EllipticCurvePublicNumbers. Nr r%r r r!public_numbersr(z%EllipticCurvePublicKey.public_numbersrErFcCr$rHr )r&rErFr r r! public_bytesr(z#EllipticCurvePublicKey.public_bytesrANcCr$)z5 Verifies the signature of the data. Nr )r&rOrAr8r r r!verifyr(zEllipticCurvePublicKey.verifyr@cCs^td|t|tstdt|dkrtd|ddvr#tdddlm}| ||S)NrA'curve must be an EllipticCurve instancerz%data must not be an empty byte string)%Unsupported elliptic curve point type)backend) r _check_bytes isinstancer" TypeErrorlen ValueError,cryptography.hazmat.backends.openssl.backendrZ load_elliptic_curve_public_bytes)clsr@rArZr r r!from_encoded_points      z)EllipticCurvePublicKey.from_encoded_point)r#rQ)r r r r+rJrKr0rrPr,r"r@r.r*rRrrL PublicFormatrSrT classmethodrcr r r r!r<sR       r<c@eZdZdZdZdS)r sect571r1i:Nr r r r'r*r r r r!rrc@rf)r sect409r1Nrhr r r r!rrirc@rf)r sect283r1Nrhr r r r!rrirc@rf)r sect233r1Nrhr r r r!rrirc@rf)r sect163r2Nrhr r r r!rrirc@rf)r sect571k1i;Nrhr r r r!rrirc@rf)r sect409k1rkNrhr r r r!rrirc@rf)r sect283k1rmNrhr r r r!rrirc@rf)r sect233k1roNrhr r r r!rrirc@rf)r sect163k1rqNrhr r r r!rrirc@rf)r secp521r1i Nrhr r r r!rrirc@rf)r secp384r1Nrhr r r r!rrirc@rf)r secp256r1Nrhr r r r!r rirc@rf)r secp256k1r{Nrhr r r r!rrirc@rf)r secp224r1Nrhr r r r!rrirc@rf)r secp192r1Nrhr r r r!r rir c@rf)BrainpoolP256R1brainpoolP256r1r{Nrhr r r r!r rirc@rf)BrainpoolP384R1brainpoolP384r1ryNrhr r r r!r%rirc@rf)BrainpoolP512R1brainpoolP512r1iNrhr r r r!r*rir prime192v1 prime256v1rr}rzrxrwr|rvrurtrsrrrprnrlrj)rgrrr _CURVE_TYPESc@seZdZddZedZdS)ECDSAcCs ||_dSN) _algorithm)r&r1r r r!__init__I zECDSA.__init__rN)r r r rrread_only_propertyr1r r r r!rHsrr@r#cCt|}||Sr)r#generate_elliptic_curve_private_key)r@rZr r r!generate_private_keyOs r private_valuecCsHt|}t|ts td|dkrtdt|tstd|||S)Nz&private_value must be an integer type.rz)private_value must be a positive integer./curve must provide the EllipticCurve interface.)rr\r.r]r_r"!derive_elliptic_curve_private_key)rr@rZr r r!derive_private_keyVs   rc@seZdZdededefddZddefdd Zdefd d Z e ded eddfd dZ e dZe dZe dZddZddZddZddZdS)rQxyr@cCsDt|tr t|tstdt|tstd||_||_||_dS)Nzx and y must be integers.r)r\r.r]r"_y_x_curve)r&rrr@r r r!rgs  z#EllipticCurvePublicNumbers.__init__Nr#cCrr)r"load_elliptic_curve_public_numbersr&rZr r r!r>r z%EllipticCurvePublicNumbers.public_keycCsBtjdtjdd|jjdd}dt|j|t|j|S)Nzencode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.rV stacklevel) warningswarnrPersistentlyDeprecated2019r@r* int_to_bytesrr)r& byte_lengthr r r! encode_pointvs   z'EllipticCurvePublicNumbers.encode_pointrAcCst|ts tdtjdtjdd|drJ|jdd}t |d|dkrFt |d|dd }t ||ddd }||||St d t d ) NrUzSupport for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_pointrVrrrrbigz(Invalid elliptic curve point data lengthrY) r\r"r]rrrr startswithr*r^r. from_bytesr_)rbr@rArrrr r r!rcs   z-EllipticCurvePublicNumbers.from_encoded_pointrrrcCsFt|tstS|j|jko"|j|jko"|jj|jjko"|jj|jjkSr)r\rQNotImplementedrrr@r'r*r&otherr r r!__eq__s   z!EllipticCurvePublicNumbers.__eq__cC ||k Srr rr r r!__ne__rz!EllipticCurvePublicNumbers.__ne__cCst|j|j|jj|jjfSr)hashrrr@r'r*r%r r r!__hash__sz#EllipticCurvePublicNumbers.__hash__cCs d|S)NzC)rFr%r r r!__repr__sz#EllipticCurvePublicNumbers.__repr__r)r r r r.r"rr<r>rKrrercrrr@rrrrrrr r r r!rQfs&      rQc@sZeZdZdedefddZddefddZe d Z e d Z d d Z d dZ ddZdS)rCrrRcCs4t|ts tdt|tstd||_||_dS)Nz!private_value must be an integer.z>public_numbers must be an EllipticCurvePublicNumbers instance.)r\r.r]rQ_private_value_public_numbers)r&rrRr r r!rs   z$EllipticCurvePrivateNumbers.__init__Nr#cCrr)r#load_elliptic_curve_private_numbersrr r r! private_keyrz'EllipticCurvePrivateNumbers.private_keyrrcCs&t|tstS|j|jko|j|jkSr)r\rCrrrRrr r r!rs   z"EllipticCurvePrivateNumbers.__eq__cCrrr rr r r!rrz"EllipticCurvePrivateNumbers.__ne__cCst|j|jfSr)rrrRr%r r r!rsz$EllipticCurvePrivateNumbers.__hash__r)r r r r.rQrr7rrrrrRrrrr r r r!rCs    rCc@s eZdZdS)r:N)r r r r r r r!r:sr:oidcCs"zt|WStytdw)NzCThe provided object identifier has no matching elliptic curve class) _OID_TO_CURVEKeyError LookupError)rr r r!get_curve_for_oids  rr)=r+r2r cryptographyrcryptography.hazmat._oidrcryptography.hazmat.backendsrcryptography.hazmat.primitivesrr)cryptography.hazmat.primitives.asymmetricrrr4objectr ABCMetar"r0r7(EllipticCurvePrivateKeyWithSerializationr<'EllipticCurvePublicKeyWithSerializationrrrrrrrrrrrrrrrr rrrrDictr-Type__annotations__rrr.rrQrCr:rrrrrr r r r!s     AF        X'