є
/<ї\c           @` sj  d  d l  m Z m Z m Z d  d l m Z d  d l m Z m Z m	 Z	 d  d l
 m Z m Z m Z d  d l m Z m Z d  d l m Z m Z m Z d Д  Z d Д  Z d	 Д  Z d
 Д  Z d Д  Z d Д  Z e j e Г d e f d Д  Г  YГ Z e j e Г d e f d Д  Г  YГ Z e j e j Г d e f d Д  Г  YГ Z  e j e j! Г d e f d Д  Г  YГ Z" d S(   i    (   t   absolute_importt   divisiont   print_function(   t   utils(   t   InvalidSignaturet   UnsupportedAlgorithmt   _Reasons(   t   _calculate_digest_and_algorithmt   _check_not_prehashedt   _warn_sign_verify_deprecated(   t   hashest   serialization(   t   AsymmetricSignatureContextt   AsymmetricVerificationContextt   ecc         C` s+   t  |  t j Г s' t d t j Г В n  d  S(   Ns/   Unsupported elliptic curve signature algorithm.(   t
   isinstanceR   t   ECDSAR   R   t    UNSUPPORTED_PUBLIC_KEY_ALGORITHM(   t   signature_algorithm(    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   _check_signature_algorithm   s    c         C` sи   |  j  j | Г } |  j | |  j j k Г |  j  j | Г } | |  j  j k r^ t d Г В n  |  j  j | Г } |  j | |  j j k Г |  j j	 | Г j
 d Г } | S(   NsC   ECDSA certificates with unnamed curves are unsupported at this timet   ascii(   t   _libt   EC_KEY_get0_groupt   openssl_assertt   _ffit   NULLt   EC_GROUP_get_curve_namet	   NID_undeft   NotImplementedErrort
   OBJ_nid2snt   stringt   decode(   t   backendt   ec_keyt   groupt   nidt
   curve_namet   sn(    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   _ec_key_curve_sn   s    c         C` s   |  j  j | |  j  j Г d S(   sб   
    Set the named curve flag on the EC_KEY. This causes OpenSSL to
    serialize EC keys along with their curve OID which makes
    deserialization easier.
    N(   R   t   EC_KEY_set_asn1_flagt   OPENSSL_EC_NAMED_CURVE(   R    t   ec_cdata(    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   _mark_asn1_named_ec_curve0   s    	c         C` sE   y t  j | Г  SWn, t k
 r@ t d j | Г t j Г В n Xd  S(   Ns$   {} is not a supported elliptic curve(   R   t   _CURVE_TYPESt   KeyErrorR   t   formatR   t   UNSUPPORTED_ELLIPTIC_CURVE(   R    R%   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   _sn_to_elliptic_curve<   s    c         C` sз   |  j  j | j Г } |  j | d k Г |  j j d | Г } |  j j d d Г } |  j  j d | t | Г | | | j Г } |  j | d k Г |  j j | Г | d  S(   Ni    s   unsigned char[]s   unsigned int[]i   (	   R   t
   ECDSA_sizet   _ec_keyR   R   t   newt
   ECDSA_signt   lent   buffer(   R    t   private_keyt   datat   max_sizet   sigbuft
   siglen_ptrt   res(    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   _ecdsa_sig_signF   s    	!c         C` sS   |  j  j d | t | Г | t | Г | j Г } | d k rO |  j Г  t В n  d  S(   Ni    i   (   R   t   ECDSA_verifyR4   R1   t   _consume_errorsR   (   R    t
   public_keyt	   signatureR7   R;   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   _ecdsa_sig_verifyS   s
    	'
t   _ECDSASignatureContextc           B` s#   e  Z d  Д  Z d Д  Z d Д  Z RS(   c         C` s+   | |  _  | |  _ t j | | Г |  _ d  S(   N(   t   _backendt   _private_keyR
   t   Hasht   _digest(   t   selfR    R6   t	   algorithm(    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   __init__^   s    		c         C` s   |  j  j | Г d  S(   N(   RF   t   update(   RG   R7   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRJ   c   s    c         C` s%   |  j  j Г  } t |  j |  j | Г S(   N(   RF   t   finalizeR<   RC   RD   (   RG   t   digest(    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRK   f   s    (   t   __name__t
   __module__RI   RJ   RK   (    (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRB   \   s   		t   _ECDSAVerificationContextc           B` s#   e  Z d  Д  Z d Д  Z d Д  Z RS(   c         C` s4   | |  _  | |  _ | |  _ t j | | Г |  _ d  S(   N(   RC   t   _public_keyt
   _signatureR
   RE   RF   (   RG   R    R?   R@   RH   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRI   n   s    			c         C` s   |  j  j | Г d  S(   N(   RF   RJ   (   RG   R7   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRJ   t   s    c         C` s/   |  j  j Г  } t |  j |  j |  j | Г d  S(   N(   RF   RK   RA   RC   RP   RQ   (   RG   RL   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   verifyw   s    (   RM   RN   RI   RJ   RR   (    (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRO   l   s   		t   _EllipticCurvePrivateKeyc           B` se   e  Z d  Д  Z e j d Г Z e d Д  Г Z d Д  Z d Д  Z	 d Д  Z
 d Д  Z d Д  Z d Д  Z RS(	   c         C` sM   | |  _  t | | Г | |  _ | |  _ t | | Г } t | | Г |  _ d  S(   N(   RC   R*   R1   t	   _evp_pkeyR&   R/   t   _curve(   RG   R    t   ec_key_cdatat   evp_pkeyR%   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRI   А   s    			RU   c         C` s
   |  j  j S(   N(   t   curvet   key_size(   RG   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRY   Л   s    c         C` s4   t  Г  t | Г t | j Г t |  j |  | j Г S(   N(   R	   R   R   RH   RB   RC   (   RG   R   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   signerП   s
    
c         C` s)  |  j  j | |  j Г s- t d t j Г В n  | j j |  j j k rT t d Г В n  |  j  j j	 |  j
 Г } |  j  j j | Г d d } |  j  j | d k Г |  j  j j d | Г } |  j  j j | j
 Г } |  j  j j | | | |  j
 |  j  j j Г } |  j  j | d k Г |  j  j j | Г |  S(   Ns1   This backend does not support the ECDH algorithm.s2   peer_public_key and self are not on the same curvei   i   i    s	   uint8_t[](   RC   t+   elliptic_curve_exchange_algorithm_supportedRX   R   R   t   UNSUPPORTED_EXCHANGE_ALGORITHMt   namet
   ValueErrorR   R   R1   t   EC_GROUP_get_degreeR   R   R2   t   EC_KEY_get0_public_keyt   ECDH_compute_keyR   R5   (   RG   RH   t   peer_public_keyR"   t   z_lent   z_buft   peer_keyt   r(    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   exchangeЧ   s$    	!c         C` s+  |  j  j j |  j Г } |  j  j | |  j  j j k Г |  j  j j | Г } |  j  j j | Г } |  j  j | |  j  j j k Г |  j  j j	 | |  j  j j
 Г } |  j  j j |  j Г } |  j  j | |  j  j j k Г |  j  j j | | Г } |  j  j | d k Г |  j  j | Г } t |  j  | | Г S(   Ni   (   RC   R   R   R1   R   R   R   R   t   EC_KEY_new_by_curve_namet   gct   EC_KEY_freeR`   t   EC_KEY_set_public_keyt   _ec_cdata_to_evp_pkeyt   _EllipticCurvePublicKey(   RG   R"   t	   curve_nidt   public_ec_keyt   pointR;   RW   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyR?   ╡   s    c         C` sL   |  j  j j |  j Г } |  j  j | Г } t j d | d |  j Г  j Г  Г S(   Nt   private_valuet   public_numbers(	   RC   R   t   EC_KEY_get0_private_keyR1   t
   _bn_to_intR   t   EllipticCurvePrivateNumbersR?   Rr   (   RG   t   bnRq   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   private_numbers╦   s
    	c         C` s"   |  j  j | | | |  j |  j Г S(   N(   RC   t   _private_key_bytesRT   R1   (   RG   t   encodingR-   t   encryption_algorithm(    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   private_bytes╙   s    	c         C` s;   t  | Г t |  j | | j Г \ } } t |  j |  | Г S(   N(   R   R   RC   t
   _algorithmR<   (   RG   R7   R   RH   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   sign▄   s    
(   RM   RN   RI   R   t   read_only_propertyRX   t   propertyRY   RZ   Rg   R?   Rw   R{   R}   (    (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRS   ~   s   								Rm   c           B` s\   e  Z d  Д  Z e j d Г Z e d Д  Г Z d Д  Z d Д  Z	 d Д  Z
 d Д  Z d Д  Z RS(   c         C` sM   | |  _  t | | Г | |  _ | |  _ t | | Г } t | | Г |  _ d  S(   N(   RC   R*   R1   RT   R&   R/   RU   (   RG   R    RV   RW   R%   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRI   ц   s    			RU   c         C` s
   |  j  j S(   N(   RX   RY   (   RG   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRY   ё   s    c         C` sG   t  Г  t j d | Г t | Г t | j Г t |  j |  | | j Г S(   NR@   (   R	   R   t   _check_bytesR   R   RH   RO   RC   (   RG   R@   R   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   verifierї   s    
c   
   
   C` s  |  j  j |  j Г \ } } |  j  j j |  j Г } |  j  j | |  j  j j k Г |  j  j Г  ПГ } |  j  j j	 | Г } |  j  j j	 | Г } | | | | | | Г } |  j  j | d k Г |  j  j
 | Г } |  j  j
 | Г }	 Wd  QXt j d | d |	 d |  j Г S(   Ni   t   xt   yRX   (   RC   t    _ec_key_determine_group_get_funcR1   R   R`   R   R   R   t   _tmp_bn_ctxt
   BN_CTX_getRt   R   t   EllipticCurvePublicNumbersRU   (
   RG   t   get_funcR"   Rp   t   bn_ctxt   bn_xt   bn_yR;   RВ   RГ   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRr       s    	c   	      C` sz  | t  j j k r$ |  j j j } n' | t  j j k s< t В |  j j j } |  j j j	 |  j
 Г } |  j j | |  j j j k Г |  j j j |  j
 Г } |  j j | |  j j j k Г |  j j Г  ПЬ } |  j j j | | | |  j j j d | Г } |  j j | d k Г |  j j j d | Г } |  j j j | | | | | | Г } |  j j | | k Г Wd  QX|  j j j | Г S(   Ni    s   char[](   R   t   PublicFormatt   CompressedPointRC   R   t   POINT_CONVERSION_COMPRESSEDt   UncompressedPointt   AssertionErrort   POINT_CONVERSION_UNCOMPRESSEDR   R1   R   R   R   R`   RЕ   t   EC_POINT_point2octR2   R5   (	   RG   R-   t
   conversionR"   Rp   RЙ   t   buflent   bufR;   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   _encode_point  s"    !c         C` s╞   | t  j j k r! t d Г В n  | t  j j k sW | t  j j k sW | t  j j k rг | t  j j k	 sЗ | t  j j t  j j f k rЦ t d Г В n  |  j | Г S|  j	 j
 | | |  |  j d  Г Sd  S(   Ns1   EC public keys do not support PKCS1 serializationsK   X962 encoding must be used with CompressedPoint or UncompressedPoint format(   R   RМ   t   PKCS1R^   t   Encodingt   X962RН   RП   RЦ   RC   t   _public_key_bytesRT   t   None(   RG   Ry   R-   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   public_bytes.  s&    		c         C` sB   t  | Г t |  j | | j Г \ } } t |  j |  | | Г d  S(   N(   R   R   RC   R|   RA   (   RG   R@   R7   R   RH   (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRR   O  s    
(   RM   RN   RI   R   R~   RX   R   RY   RБ   Rr   RЦ   RЬ   RR   (    (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyRm   ф   s   			
			!N(#   t
   __future__R    R   R   t   cryptographyR   t   cryptography.exceptionsR   R   R   t*   cryptography.hazmat.backends.openssl.utilsR   R   R	   t   cryptography.hazmat.primitivesR
   R   t)   cryptography.hazmat.primitives.asymmetricR   R   R   R   R&   R*   R/   R<   RA   t   register_interfacet   objectRB   RO   t(   EllipticCurvePrivateKeyWithSerializationRS   t'   EllipticCurvePublicKeyWithSerializationRm   (    (    (    sF   lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ec.pyt   <module>   s&   				
			e