ó Ú_e[c@sødZddlmZddlmZddlmZmZddlm Z ddl m Z m Z ddl mZddlmZdd lmZdd lmZdd lmZd efd „ƒYZdefd„ƒYZdefd„ƒYZdS(s ECDSA keys iÿÿÿÿ(tInvalidSignature(tdefault_backend(thashest serialization(tec(tdecode_dss_signaturetencode_dss_signature(t four_byte(tMessage(tPKey(t SSHException(t deflate_longt _ECDSACurvecBseZdZd„ZRS(sì Represents a specific ECDSA Curve (nistp256, nistp384, etc). Handles the generation of the key format identifier and the selection of the proper hash function. Also grabs the proper curve from the 'ecdsa' package. cCsz||_|j|_d|j|_|jdkrCtj|_n*|jdkratj|_n tj|_||_ dS(Ns ecdsa-sha2-ii€( t nist_nametkey_sizet key_lengthtkey_format_identifierRtSHA256t hash_objecttSHA384tSHA512t curve_class(tselfRR ((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyt__init__.s   (t__name__t __module__t__doc__R(((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyR &st_ECDSACurveSetcBs;eZdZd„Zd„Zd„Zd„Zd„ZRS(s° A collection to hold the ECDSA curves. Allows querying by oid and by key format identifier. The two ways in which ECDSAKey needs to be able to look up curves. cCs ||_dS(N(t ecdsa_curves(RR((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyRFscCsg|jD]}|j^q S(N(RR(Rtcurve((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pytget_key_format_identifier_listIscCs+x$|jD]}|j|kr |Sq WdS(N(RR(RRR((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pytget_by_curve_classLscCs+x$|jD]}|j|kr |Sq WdS(N(RR(RRR((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pytget_by_key_format_identifierQscCs+x$|jD]}|j|kr |Sq WdS(N(RR(RRR((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pytget_by_key_lengthVs(RRRRRRR R!(((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyR@s     tECDSAKeycBseZdZeeejdƒeejdƒeejdƒgƒZ dddddde d„Z e d„ƒZd„Zd„Zd„Zd „Zd „Zd „Zd „Zd „Zdd„Zdd„Ze ejƒddd„ƒZd„Zd„Zd„Zd„Zd„ZRS(s\ Representation of an ECDSA key which can be used to sign and verify SSH2 data. tnistp256tnistp384tnistp521cCsþd|_d|_d|_|dk r;|j||ƒdS|dk r[|j||ƒdS|dkr‚|dk r‚t|ƒ}n|dk rÇ|\|_|_|jjj}|j j |ƒ|_ n3|j ƒ} d} | j | ƒrü| t| ƒ } n|j j| ƒ|_ |j jƒ} g| D]} dj| ƒ^q'} |jd|d| d| ƒ|j ƒ}||j jkr”tdj|ƒƒ‚n|jƒ}y"tjj|j jƒ|ƒ}Wntk rátdƒ‚nX|jdtƒƒ|_dS( Ns-cert-v01@openssh.coms{}-cert-v01@openssh.comtmsgtkey_typet cert_typesCan't handle curve of type {}sInvalid public keytbackend(tNonet verifying_keyt signing_keyt public_blobt_from_private_keyt_from_private_key_fileRRt __class__t _ECDSA_CURVESRt ecdsa_curvetget_texttendswithtlenR Rtformatt_check_type_and_load_certR R t get_binaryRtEllipticCurvePublicNumberstfrom_encoded_pointRt ValueErrort public_keyR(RR&tdatatfilenametpasswordtvalstfile_objtvalidate_pointtc_classR'tsuffixt key_typestxt cert_typest curvenamet pointinfotnumbers((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyRhsN              cCs |jjƒS(N(R1R(tcls((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyt supported_key_format_identifiers scCs×|j}tƒ}|j|jjƒ|j|jjƒ|jƒ}|jjdd}t |j dt ƒ}d|t |ƒ|}t |j dt ƒ}d|t |ƒ|}t||}|j|ƒ|jƒS(Niitadd_sign_paddingt(R+Rt add_stringR2RR tpublic_numbersRRR RFtFalseR5tyRtasbytes(RtkeytmRJtkey_size_bytestx_bytesty_bytest point_str((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyRS¤s    cCs |jƒS(N(RS(R((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyt__str__¸scCs1t|jƒ|jjƒj|jjƒjfƒS(N(thashtget_nameR+RPRFRR(R((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyt__hash__»scCs |jjS(N(R2R(R((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyR\¿scCs |jjS(N(R2R(R((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pytget_bitsÂscCs |jdk S(N(R,R*(R((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pytcan_signÅscCsxtj|jjƒƒ}|jj||ƒ}t|ƒ\}}tƒ}|j|jj ƒ|j|j ||ƒƒ|S(N( RtECDSAR2RR,tsignRRRORt _sigencode(RR=tecdsatsigtrtsRU((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyt sign_ssh_dataÈs cCs•|jƒ|jjkrtS|jƒ}|j|ƒ\}}t||ƒ}y,|jj||t j |jj ƒƒƒWnt k rŒtSXt SdS(N(R3R2RRQR8t _sigdecodeRR+tverifyRR`RRtTrue(RR=R&RdtsigRtsigSt signature((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pytverify_ssh_sigÒs  # cCs&|j||jtjjd|ƒdS(NR?(t_write_private_key_fileR,Rt PrivateFormattTraditionalOpenSSL(RR>R?((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pytwrite_private_key_fileâs  cCs&|j||jtjjd|ƒdS(NR?(t_write_private_keyR,RRpRq(RRAR?((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pytwrite_private_keyês  cCs‚|dk rQ|jj|ƒ}|dkrBtdj|ƒƒ‚n|jƒ}ntj|dtƒƒ}t d||j ƒfƒS(s Generate a new private ECDSA key. This factory function can be used to generate a new host key or authentication key. :param progress_func: Not used for this type of key. :returns: A new private key (`.ECDSAKey`) object sUnsupported key length: {:d}R)R@N( R*R1R!R;R6RRtgenerate_private_keyRR"R<(RKRt progress_functbitst private_key((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pytgenerateòs  cCs&|jd||ƒ}|j|ƒdS(NtEC(t_read_private_key_filet _decode_key(RR>R?R=((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyR/scCs&|jd||ƒ}|j|ƒdS(NRz(t_read_private_keyR|(RRAR?R=((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyR. scCsy"tj|dddtƒƒ}Wn+ttfk rO}tt|ƒƒ‚nX||_|j ƒ|_ |j j }|j j|ƒ|_dS(NR?R)(Rtload_der_private_keyR*RR;tAssertionErrorR tstrR,R<R+RR0R1RR2(RR=RTteR((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyR|s  cCs-tƒ}|j|ƒ|j|ƒ|jƒS(N(Rt add_mpintRS(RReRfR&((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyRbs   cCs.t|ƒ}|jƒ}|jƒ}||fS(N(Rt get_mpint(RRdR&ReRf((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyRh!s   N(RRRRR Rt SECP256R1t SECP384R1t SECP521R1R1R*RjRt classmethodRLRSRZR]R\R^R_RgRnRrRtRyR/R.R|RbRh(((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyR"\s2 7            N(Rtcryptography.exceptionsRtcryptography.hazmat.backendsRtcryptography.hazmat.primitivesRRt)cryptography.hazmat.primitives.asymmetricRt/cryptography.hazmat.primitives.asymmetric.utilsRRtparamiko.commonRtparamiko.messageRt paramiko.pkeyR tparamiko.ssh_exceptionR t paramiko.utilR tobjectR RR"(((s5/tmp/pip-install-KP2Jbq/paramiko/paramiko/ecdsakey.pyts