o g-@sdZddlmZmZddlmZddlmZmZddl m Z ddl m Z m Z ddlmZddlmZdd lmZdd lmZdd lmZGd d d ZGdddZGdddeZdS)z ECDSA keys )InvalidSignatureUnsupportedAlgorithm)default_backend)hashes serialization)ec)decode_dss_signatureencode_dss_signature) four_byte)Message)PKey) SSHException) deflate_longc@seZdZdZddZdS) _ECDSACurvez Represents a specific ECDSA Curve (nistp256, nistp384, etc). Handles the generation of the key format identifier and the selection of the proper hash function. Also grabs the proper curve from the 'ecdsa' package. cCsT||_|j|_d|j|_|jdkrtj|_n|jdkr!tj|_ntj|_||_ dS)N ecdsa-sha2-i) nist_namekey_size key_lengthkey_format_identifierrSHA256 hash_objectSHA384SHA512 curve_class)selfrrrK/var/www/html/api-tag/env/lib/python3.10/site-packages/paramiko/ecdsakey.py__init__0s      z_ECDSACurve.__init__N)__name__ __module__ __qualname____doc__rrrrrr's rc@s8eZdZdZddZddZddZdd Zd d Zd S) _ECDSACurveSetz A collection to hold the ECDSA curves. Allows querying by oid and by key format identifier. The two ways in which ECDSAKey needs to be able to look up curves. cCs ||_dSN ecdsa_curves)rr&rrrrI z_ECDSACurveSet.__init__cCsdd|jDS)NcSsg|]}|jqSr)r).0curverrr MszA_ECDSACurveSet.get_key_format_identifier_list..r%rrrrget_key_format_identifier_listLsz-_ECDSACurveSet.get_key_format_identifier_listcC"|jD] }|j|kr|SqdSr$)r&r)rrr)rrrget_by_curve_classO  z!_ECDSACurveSet.get_by_curve_classcCr-r$)r&r)rrr)rrrget_by_key_format_identifierTr/z+_ECDSACurveSet.get_by_key_format_identifiercCr-r$)r&r)rrr)rrrget_by_key_lengthYr/z _ECDSACurveSet.get_by_key_lengthN) rr r!r"rr,r.r0r1rrrrr#Bs r#c@seZdZdZeeejdeejdeej dgZ       d-ddZ e d d Z e d d Zd dZddZeddZddZddZddZd.ddZddZd.ddZd.dd Ze eddfd!d"Zd#d$Zd%d&Zd'd(Zd)d*Zd+d,ZdS)/ECDSAKeyz\ Representation of an ECDSA key which can be used to sign and verify SSH2 data. nistp256nistp384nistp521NTcCsJd|_d|_d|_|dur|||dS|dur!|||dS|dur-|dur-t|}|durE|\|_|_|jjj}|j ||_ dS| } d} | | rY| dt |  } |j| |_ |j} dd| D} |j|| | d| } | |j jkrtd| |}ztj|j |}||_WdStytdw)Nz-cert-v01@openssh.comcSsg|]}d|qS)z{}-cert-v01@openssh.com)format)r(xrrrr*s z%ECDSAKey.__init__..)msgkey_type cert_typezCan't handle curve of type {}zInvalid public key) verifying_key signing_key public_blob_from_private_key_from_private_key_filer r) __class__ _ECDSA_CURVESr. ecdsa_curveget_textendswithlenr0r,_check_type_and_load_certrr r6 get_binaryrEllipticCurvePublicKeyfrom_encoded_pointr ValueError)rr8datafilenamepasswordvalsfile_objvalidate_pointc_classr9suffix key_types cert_types curvename pointinfokeyrrrrmsV           zECDSAKey.__init__cCs |jSr$)rAr,clsrrr identifierss zECDSAKey.identifierscC|Sr$)rZrXrrr supported_key_format_identifierssz)ECDSAKey.supported_key_format_identifierscCs|j}t}||jj||jj|}|jjdd}t |j dd}d|t ||}t |j dd}d|t ||}t ||}|||S)NF)add_sign_padding)r;r add_stringrBrrpublic_numbersr)rrr7rEyr asbytes)rrWmnumberskey_size_bytesx_bytesy_bytes point_strrrrrds  zECDSAKey.asbytescCr[r$)rdr+rrr__str__zECDSAKey.__str__cCs||jj|jjfSr$)get_namer;rbr7rcr+rrr_fieldss  zECDSAKey._fieldscC|jjSr$)rBrr+rrrrmrlzECDSAKey.get_namecCror$)rBrr+rrrget_bitsrlzECDSAKey.get_bitscCs |jduSr$)r<r+rrrcan_signr'zECDSAKey.can_signcCsTt|j}|j||}t|\}}t}||jj || |||Sr$) rECDSArBrr<signrr rar _sigencode)rrK algorithmecdsasigrsrerrr sign_ssh_datas zECDSAKey.sign_ssh_datacCsl||jjkr dS|}||\}}t||}z|j||t |j WdSt y5YdSw)NFT) rCrBrrG _sigdecoder r;verifyrrrrr)rrKr8rwsigRsigS signaturerrrverify_ssh_sigs  zECDSAKey.verify_ssh_sigcC|j||jtjj|ddSN)rM)_write_private_key_filer<r PrivateFormatTraditionalOpenSSL)rrLrMrrrwrite_private_key_file  zECDSAKey.write_private_key_filecCrr)_write_private_keyr<rrr)rrOrMrrrwrite_private_keyrzECDSAKey.write_private_keycCsT|dur|j|}|durtd||}tj|td}t|| fdS)a Generate a new private ECDSA key. This factory function can be used to generate a new host key or authentication key. :param progress_func: Not used for this type of key. :returns: A new private key (`.ECDSAKey`) object NzUnsupported key length: {:d})backend)rN) rAr1rJr6rrgenerate_private_keyrr2 public_key)rYr) progress_funcbits private_keyrrrgenerates zECDSAKey.generatecC|d||}||dSNEC)_read_private_key_file _decode_key)rrLrMrKrrrr?zECDSAKey._from_private_key_filecCrr)_read_private_keyr)rrOrMrKrrrr>rzECDSAKey._from_private_keyc Cs|\}}||jkr+z tj|dtd}Wn_ttttfy*}ztt |d}~ww||j kroz,t |}| }| }|}d|} |j| } | sQtdt|| t}Wntyn}ztt |d}~ww||||_||_|jj} |j| |_dS)N)rMrrzInvalid key curve identifier)_PRIVATE_KEY_FORMAT_ORIGINALrload_der_private_keyrrJAssertionError TypeErrorrr str_PRIVATE_KEY_FORMAT_OPENSSHr rCrG get_mpintrAr0rderive_private_keyr Exception_got_bad_key_format_idr<rr;r)r@r.rB) rrKpkformatrWer8 curve_nameverkeysigkeynamer)rrrrr"sJ         zECDSAKey._decode_keycCs"t}|||||Sr$)r add_mpintrd)rrxryr8rrrrtIs  zECDSAKey._sigencodecCs t|}|}|}||fSr$)r r)rrwr8rxryrrrr{OszECDSAKey._sigdecode)NNNNNNTr$) rr r!r"r#rr SECP256R1 SECP384R1 SECP521R1rAr classmethodrZr\rdrkpropertyrnrmrprqrzrrrrr?r>rrtr{rrrrr2_sL     >      ' r2N)r"cryptography.exceptionsrrcryptography.hazmat.backendsrcryptography.hazmat.primitivesrr)cryptography.hazmat.primitives.asymmetricr/cryptography.hazmat.primitives.asymmetric.utilsrr paramiko.commonr paramiko.messager paramiko.pkeyr paramiko.ssh_exceptionr paramiko.utilrrr#r2rrrrs