U q`y)@sddlmZmZmZddlmZddlmZm Z ddl m Z e Z e dZe Ze Ze Ze ZddZdd Zd d Zd d ZddZddZddZddZGdddeZ ddZ!ddZ"ddZ#dS))absolute_importdivisionprint_function) exceptions)ffilib)ensurecCs`tdt}tdt}t||}t|dkdtjdt |tddt |tddfS)zu Returns a randomly generated public key and secret key. :rtype: (bytes(public_key), bytes(secret_key)) unsigned char[]rUnexpected library errorZraisingN) rnewcrypto_sign_PUBLICKEYBYTEScrypto_sign_SECRETKEYBYTESrcrypto_sign_keypairrexc RuntimeErrorbuffer)pkskrcr@/tmp/pip-target-nv4zd3e_/lib/python/nacl/bindings/crypto_sign.pyr!s   rcCsxt|tkrtdtdt}tdt}t |||}t |dkdtj dt |tddt |tddfS)z Computes and returns the public key and secret key using the seed ``seed``. :param seed: bytes :rtype: (bytes(public_key), bytes(secret_key)) z Invalid seedr rr r N) lencrypto_sign_SEEDBYTESr ValueErrorrr rrrcrypto_sign_seed_keypairrrr)seedrrrrrrr5s    rcCs`tdt|t}td}t|||t||}t|dkdtjdt ||dddS)z Signs the message ``message`` using the secret key ``sk`` and returns the signed message. :param message: bytes :param sk: bytes :rtype: bytes r unsigned long long *rr r N) rr rcrypto_sign_BYTESr crypto_signrrrr)messagersignedZ signed_lenrrrrr Ms  r cCsVtdt|}td}t|||t||dkr>tdt||dddS)z Verifies the signature of the signed message ``signed`` using the public key ``pk`` and returns the unsigned message. :param signed: bytes :param pk: bytes :rtype: bytes r rrSignature was forged or corruptN)rr rrcrypto_sign_openrBadSignatureErrorr)r"rr!Z message_lenrrrr$as   r$cCsZt|tkrtdt}td|}t||}t |dkdtj dt ||ddS)a Converts a public Ed25519 key (encoded as bytes ``public_key_bytes``) to a public Curve25519 key as bytes. Raises a ValueError if ``public_key_bytes`` is not of length ``crypto_sign_PUBLICKEYBYTES`` :param public_key_bytes: bytes :rtype: bytes zInvalid curve public keyr rr r N) rrrrcrypto_sign_curve25519_BYTESrr r$crypto_sign_ed25519_pk_to_curve25519rrr)Zpublic_key_bytesZcurve_public_key_lenZcurve_public_keyrrrrr'ts   r'cCsZt|tkrtdt}td|}t||}t |dkdtj dt ||ddS)a Converts a secret Ed25519 key (encoded as bytes ``secret_key_bytes``) to a secret Curve25519 key as bytes. Raises a ValueError if ``secret_key_bytes``is not of length ``crypto_sign_SECRETKEYBYTES`` :param secret_key_bytes: bytes :rtype: bytes zInvalid curve secret keyr rr r N) rrrrr&rr r$crypto_sign_ed25519_sk_to_curve25519rrr)secret_key_bytesZcurve_secret_key_lenZcurve_secret_keyrrrrr(s   r(cCs"t|tkrtd|tdS)a  Extract the public Ed25519 key from a secret Ed25519 key (encoded as bytes ``secret_key_bytes``). Raises a ValueError if ``secret_key_bytes``is not of length ``crypto_sign_SECRETKEYBYTES`` :param secret_key_bytes: bytes :rtype: bytes Invalid secret keyNrrrrrr)rrrcrypto_sign_ed25519_sk_to_pks  r-cCs"t|tkrtd|dtS)z Extract the seed from a secret Ed25519 key (encoded as bytes ``secret_key_bytes``). Raises a ValueError if ``secret_key_bytes``is not of length ``crypto_sign_SECRETKEYBYTES`` :param secret_key_bytes: bytes :rtype: bytes r*Nr+r,rrrcrypto_sign_ed25519_sk_to_seeds  r.c@seZdZdZdgZddZdS)crypto_sign_ed25519ph_statezO State object wrapping the sha-512 state used in ed25519ph computation statecCs2tdt|_t|j}t|dkdtjddS)Nr rr r ) rr crypto_sign_ed25519ph_STATEBYTESr0rZcrypto_sign_ed25519ph_initrrr)selfrrrr__init__s z$crypto_sign_ed25519ph_state.__init__N)__name__ __module__ __qualname____doc__ __slots__r3rrrrr/sr/cCsXtt|tdtjdtt|tdtjdt|j|t |}t|dkdtj ddS)z Update the hash state wrapped in edph :param edph: the ed25519ph state being updated :type edph: crypto_sign_ed25519ph_state :param pmsg: the partial message :type pmsg: bytes :rtype: None /edph parameter must be a ed25519ph_state objectr z%pmsg parameter must be a bytes objectrr N) r isinstancer/r TypeErrorbytesrcrypto_sign_ed25519ph_updater0rr)edphZpmsgrrrrr=s  r=cCstt|tdtjdtt|tdtjdtt|tkdttjdt dt }t |j|t j|}t|dkdtjdt |t ddS) aR Create a signature for the data hashed in edph using the secret key sk :param edph: the ed25519ph state for the data being signed :type edph: crypto_sign_ed25519ph_state :param sk: the ed25519 secret part of the signing key :type sk: bytes :return: ed25519ph signature :rtype: bytes r9r z+secret key parameter must be a bytes objectz!secret key must be {0} bytes longr rr N)rr:r/rr;r<rrformatrr rr"crypto_sign_ed25519ph_final_creater0ZNULLrr)r>r signaturerrrrr@s2    r@cCstt|tdtjdtt|tdtjdtt|tkdttjdtt|tdtjdtt|t kdt tjdt |j ||}|dkrt dd S) a Verify a prehashed signature using the public key pk :param edph: the ed25519ph state for the data being verified :type edph: crypto_sign_ed25519ph_state :param signature: the signature being verified :type signature: bytes :param pk: the ed25519 public part of the signing key :type pk: bytes :return: True if the signature is valid :rtype: boolean :raises exc.BadSignatureError: if the signature is not valid r9r z*signature parameter must be a bytes objectz signature must be {0} bytes longz+public key parameter must be a bytes objectz!public key must be {0} bytes longrr#T)rr:r/rr;r<rrr?rr"crypto_sign_ed25519ph_final_verifyr0r%)r>rArrrrrrBs>      rBN)$ __future__rrrZnaclrrZ nacl._sodiumrrZnacl.exceptionsrZcrypto_sign_bytesrZcrypto_sign_secretkeybytesrZcrypto_sign_publickeybytesrrZcrypto_box_secretkeybytesr&Z crypto_sign_ed25519ph_statebytesr1rrr r$r'r(r-r.objectr/r=r@rBrrrrs*   $