a b/@sddlZddlmZmZddlmZddlmZejrBddl m Z dddd Z dd d d d Z Gdd d ej ZedddZGdddejZGdddejZdS)N)UnsupportedAlgorithm_Reasons) serialization)dh)BackendrbackendcCs|j}|j}||}|||jk|||j}|jr|d}| ||j||j| |d}| ||j||j}||dk|SN BIGNUM **r) _lib_ffiZ DHparams_dupopenssl_assertNULLgcZDH_freeZCRYPTOGRAPHY_IS_LIBRESSLnew DH_get0_pqgBN_dupZ DH_set0_pqg)dh_cdatarlibffi param_cdataqZq_dupresrN/tmp/pip-target-98j97qn4/lib/python/cryptography/hazmat/backends/openssl/dh.py_dh_params_dups  r _DHParameters)rreturncCst||}t||SN)rr)rrrrrr_dh_cdata_to_parameters"s r c@sPeZdZddddZejdddZejddd Ze j e j e d d d Z d S)rrrcCs||_||_dSr)_backend _dh_cdata)selfrrrrr__init__(sz_DHParameters.__init__rcCs|jjd}|jjd}|jjd}|jj|j||||j|d|jjjk|j|d|jjjk|d|jjjkrd}n|j|d}t j |j|d|j|d|dS)Nr rpgr) r!r rr rr"rr _bn_to_intrDHParameterNumbers)r#r'r(rq_valrrrparameter_numbers,sz_DHParameters.parameter_numberscCs |j|Sr)r!Zgenerate_dh_private_keyr#rrrgenerate_private_key>sz"_DHParameters.generate_private_keyencodingformatrcCs&|tjjurtd|tjjur(td|jj d}|jj |j |jjj ||jjj |d|jjj kr|jj jstdtj|tjjur|d|jjj kr|jj j}q|jj j}n>|tjjur|d|jjj kr|jj j}q|jj j}ntd|j}|||j }|j|dk|j|S)Nz!OpenSSH encoding is not supportedz%Only PKCS3 serialization is supportedr r'DH X9.42 serialization is not supportedz/encoding must be an item from the Encoding enumr )rEncodingZOpenSSH TypeErrorParameterFormatZPKCS3 ValueErrorr!r rr rr"rCryptography_HAS_EVP_PKEY_DHXrrUNSUPPORTED_SERIALIZATIONZPEMZPEM_write_bio_DHxparamsZPEM_write_bio_DHparamsZDERZCryptography_i2d_DHxparams_bioZi2d_DHparams_bioZ_create_mem_bio_gcrZ _read_mem_bio)r#r0r1rZ write_bioZbiorrrrparameter_bytesAs:          z_DHParameters.parameter_bytesN)__name__ __module__ __qualname__r$rr*r, DHPrivateKeyr.rr3r5bytesr9rrrrr'sr%cCsL|jd}|j|||jj|jj||d|jjk|j|dS)Nr r)r rr rrrZ BN_num_bits)rrr'rrr_get_dh_num_bitsls r?c@seZdZddddZeedddZejddd Z ej e d d d Z e d dddZej dddZejdddZejejeje dddZd S) _DHPrivateKeyrrcCs&||_||_||_|jj||_dSr)r!r" _evp_pkeyr ZDH_size_key_size_bytesr#rrevp_pkeyrrrr$tsz_DHPrivateKey.__init__r%cCst|j|jSr)r?r!r"r-rrrkey_sizezsz_DHPrivateKey.key_sizecCsT|jjd}|jjd}|jjd}|jj|j||||j|d|jjjk|j|d|jjjk|d|jjjkrd}n|j|d}|jjd}|jjd}|jj |j|||j|d|jjjk|j|d|jjjkt j t j t j |j|d|j|d|d|j|dd|j|ddS)Nr rr&r,y)public_numbersx)r!r rr rr"rrr) DH_get0_keyrDHPrivateNumbersDHPublicNumbersr*)r#r'r(rr+pub_keyZpriv_keyrrrprivate_numbers~s2z_DHPrivateKey.private_numbers)peer_public_keyrcCsVt|tstd|jj|j|jjj}|j ||jjjk|jj ||jjj }|jj |}|j |dk|jj ||j}||dk|jjd}|jj||jjj|}||dk|j |ddk|jjd|d}|jj|||}|j |dk|jj||ddd}|jt|}|dkrRd||}|S)Nz%peer_public_key must be a DHPublicKeyr zsize_t *rzunsigned char[]) isinstance _DHPublicKeyr4r!r ZEVP_PKEY_CTX_newrAr rrrZEVP_PKEY_CTX_freeZEVP_PKEY_derive_initZEVP_PKEY_derive_set_peer_exchange_assertrZEVP_PKEY_derivebufferrBlen)r#rOctxrZkeylenbufkeypadrrrexchanges6     z_DHPrivateKey.exchangeN)okrcCs|s|j}td|dS)NzError computing shared key.)r!Z_consume_errors_with_textr6)r#r[Zerrors_with_textrrrrSs  z_DHPrivateKey._exchange_assertcCst|j|j}|jjd}|jj|j||jjj|j|d|jjjk|jj |d}|j||jjjk|jj |||jjj}|j|dk|j |}t |j||Sr ) rr"r!r rr rJrrrZ DH_set0_keyZ_dh_cdata_to_evp_pkeyrR)r#rrMZ pub_key_duprrDrrr public_keys  z_DHPrivateKey.public_keycCst|j|jSrr r"r!r-rrr parameterssz_DHPrivateKey.parameters)r0r1encryption_algorithmrcCs|tjjurtd|jjjsl|jjd}|jj |j |jjj ||jjj |d|jjj krlt dt j|j|||||j|j S)Nz0DH private keys support only PKCS8 serializationr rr2)r PrivateFormatZPKCS8r6r!r r7r rrr"rrrr8Z_private_key_bytesrA)r#r0r1r_rrrr private_bytess2  z_DHPrivateKey.private_bytes)r:r;r<r$propertyintrErrKrN DHPublicKeyr>rZboolrSr\ DHParametersr^rr3r`ZKeySerializationEncryptionrarrrrr@ss$r@c@sbeZdZddddZeedddZejddd Z ej dd d Z e j e jed d dZdS)rRrrcCs&||_||_||_t|j|j|_dSr)r!r"rAr?_key_size_bitsrCrrrr$sz_DHPublicKey.__init__r%cCs|jSr)rgr-rrrrEsz_DHPublicKey.key_sizecCs|jjd}|jjd}|jjd}|jj|j||||j|d|jjjk|j|d|jjjk|d|jjjkrd}n|j|d}|jjd}|jj |j||jjj|j|d|jjjkt j t j |j|d|j|d|d|j|ddS)Nr rr&rF) r!r rr rr"rrr)rJrrLr*)r#r'r(rr+rMrrrrHs,z_DHPublicKey.public_numberscCst|j|jSrr]r-rrrr^ sz_DHPublicKey.parametersr/cCs|tjjurtd|jjjsl|jjd}|jj |j |jjj ||jjj |d|jjj krlt dt j|j||||jdS)Nz>DH public keys support only SubjectPublicKeyInfo serializationr rr2)r PublicFormatZSubjectPublicKeyInfor6r!r r7r rrr"rrrr8Z_public_key_bytesrA)r#r0r1rrrr public_bytes#s(   z_DHPublicKey.public_bytesN)r:r;r<r$rbrcrErrLrHrfr^rr3rhr>rirrrrrRsrR)typingZcryptography.exceptionsrrZcryptography.hazmat.primitivesrZ)cryptography.hazmat.primitives.asymmetricr TYPE_CHECKINGZ,cryptography.hazmat.backends.openssl.backendrrr rfrrcr?r=r@rdrRrrrrs   E