9(Zc @ssdZddlmZddlZddlmZddlmZddlm Z m Z m Z ddl m Z mZmZmZddlZdd lmZd d lmZejeZed d dddgZied dddddddd6ed dddddddd6ed dddddddd6Zd Zd!Zd"Zd#Zd$ZdS(%s&Contains elliptic curve functionality.i(t namedtupleN(tdefault_backend(tec(tdecode_dss_signaturetencode_dss_signaturet Prehashed(tint_from_bytest int_to_bytestInterfaceNotImplementedtverify_interfacei(tto_bytesi(tNotSupportedErrort_ECCCurveParameterstptatbtorderl?@l?@lK`Opq^cv 3,e< 1U]>{|R*ZlQ%x +Ohbi+}s@t secp256r1l~l~l*'#.TEbc+Z'@=D 1 "(?7N2Z_+|S/1fls)e`gwl X_[nlv|t secp384r1l#l#l#?VQ(zO%b95~cte1oR{V;LH w>l-rZE]"Sr&Ga9}*Fl# dp"z\}[z3"nZ;PK# `7roCQt secp521r1cCstjt|j}d}xt||jkrtjdt||j|j||}t||jkr$tjdt||jt |\}}t |j j j |}t||}q$q$W|S(sCalculates an elliptic curve signature with a static length using pre-calculated hash. :param key: Elliptic curve private key :type key: cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey :param algorithm: Master algorithm to use :type algorithm: aws_encryption_sdk.identifiers.Algorithm :param bytes digest: Pre-calculated hash digest :returns: Signature with required length :rtype: bytes ts=Signature length %d is not desired length %d. Recalculating.s:Signature length %d is not desired length %d. Negating s.(RtECDSARtsigning_hash_typetlent signature_lent_LOGGERtdebugtsignRt_ECC_CURVE_PARAMETERStsigning_algorithm_infotnameRR(tkeyt algorithmtdigesttpre_hashed_algorithmt signaturetrts((s]/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/internal/crypto/elliptic_curve.pyt_ecc_static_length_signature7s"     cCs|jjdd}|jj}ddg}|jjjdra|jd}||}n td|t|j |S(sEncodes a compressed elliptic curve point as described in SEC-1 v2 section 2.3.3 http://www.secg.org/sec1-v2.pdf :param private_key: Private key from which to extract point data :type private_key: cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey :returns: Encoded compressed elliptic curve point :rtype: bytes :raises NotSupportedError: for non-prime curves iisstsecpis/Non-prime curves are not supported at this time( tcurvetkey_sizet public_keytpublic_numbersRt startswithtyR Rtx(t private_keyt byte_lengthR+ty_mapty_orderR-((s]/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/internal/crypto/elliptic_curve.pyt_ecc_encode_compressed_pointYs     c Cs|stdnidd6dd6}|d}t|}t|d}|d}t|tjrtjt|}n$t|tjrtj|}n||}|j j dryt |j }Wn,t k rtdj d |j nXt|d |j|j||j|j|j}|jd d krmt||jdd |j} n td | d |kr| } q|j| } n td|| fS(sDecodes a compressed elliptic curve point as described in SEC-1 v2 section 2.3.4 http://www.secg.org/sec1-v2.pdf :param curve: Elliptic curve type to generate :type curve: cryptography.hazmat.primitives.asymmetric.ec.EllipticCurve :param bytes compressed_point: Encoded compressed elliptic curve point :returns: X and Y coordinates from compressed point :rtype: tuple of longs :raises NotSupportedError: for non-prime curves, unsupported prime curves, and points at infinity s"Points at infinity are not allowedisistbigR's*Curve {name} is not supported at this timeRiis+S not 1 :: Curve not supported at this timeis/Non-prime curves are not supported at this time(R R Rt isinstancetsixt integer_typesRtchrt string_typesRR,RtKeyErrortformattpowR R( R(tcompressed_pointt y_order_maptraw_xR.traw_yR2tparamstalphatbetaR-((s]/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/internal/crypto/elliptic_curve.pyt_ecc_decode_compressed_pointqs:       5#   cCs1t||\}}tjd|d|d|S(sPDecodes a compressed elliptic curve point as described in SEC-1 v2 section 2.3.3 and returns a PublicNumbers instance based on the decoded point. http://www.secg.org/sec1-v2.pdf :param curve: Elliptic curve type to generate :type curve: cryptography.hazmat.primitives.asymmetric.ec.EllipticCurve :param bytes compressed_point: Encoded compressed elliptic curve point :returns: EllipticCurvePublicNumbers instance generated from compressed point and curve :rtype: cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers R.R-R((RDRtEllipticCurvePublicNumbers(R(R=R.R-((s]/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/internal/crypto/elliptic_curve.pyt)_ecc_public_numbers_from_compressed_points cCsZy6ttj|jtjd|jdtSWntk rUtdnXdS(s,Returns an ECC signing key. :param algorithm: Algorithm object which determines what signature to generate :type algorithm: aws_encryption_sdk.identifiers.Algorithm :returns: Generated signing key :raises NotSupportedError: if signing algorithm is not supported on this platform R(tbackends"Unsupported signing algorithm infoN(R Rt EllipticCurveRtgenerate_private_keyRRR (R ((s]/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/internal/crypto/elliptic_curve.pytgenerate_ecc_signing_keys   ( t__doc__t collectionsRtloggingtcryptography.hazmat.backendsRt)cryptography.hazmat.primitives.asymmetricRt/cryptography.hazmat.primitives.asymmetric.utilsRRRtcryptography.utilsRRRR R6tstr_opsR t exceptionsR t getLoggert__name__RR RR&R3RDRFRJ(((s]/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/internal/crypto/elliptic_curve.pyt s@ "     "  8