=OXc@sdZddlmZddlmZddlmZmZddlm Z ddl m Z m Z ddl mZddlmZdd lmZdd lmZdd lmZd efd YZdefdYZdefdYZdS(s ECDSA keys i(tInvalidSignature(tdefault_backend(thashest serialization(tec(tdecode_dss_signaturetencode_dss_signature(t four_byte(tMessage(tPKey(t SSHException(t deflate_longt _ECDSACurvecBseZdZdZRS(s Represents a specific ECDSA Curve (nistp256, nistp384, etc). Handles the generation of the key format identifier and the selection of the proper hash function. Also grabs the proper curve from the 'ecdsa' package. cCsz||_|j|_d|j|_|jdkrCtj|_n*|jdkratj|_n tj|_||_ dS(Ns ecdsa-sha2-ii( t nist_nametkey_sizet key_lengthtkey_format_identifierRtSHA256t hash_objecttSHA384tSHA512t curve_class(tselfRR ((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyt__init__.s   (t__name__t __module__t__doc__R(((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR &st_ECDSACurveSetcBs;eZdZdZdZdZdZdZRS(s A collection to hold the ECDSA curves. Allows querying by oid and by key format identifier. The two ways in which ECDSAKey needs to be able to look up curves. cCs ||_dS(N(t ecdsa_curves(RR((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRFscCsg|jD]}|j^q S(N(RR(Rtcurve((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytget_key_format_identifier_listIscCs+x$|jD]}|j|kr |Sq WdS(N(RR(RRR((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytget_by_curve_classLscCs+x$|jD]}|j|kr |Sq WdS(N(RR(RRR((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytget_by_key_format_identifierQscCs+x$|jD]}|j|kr |Sq WdS(N(RR(RRR((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytget_by_key_lengthVs(RRRRRRR R!(((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR@s     tECDSAKeycBseZdZeeejdeejdeejdgZ dddddde dZ e dZdZdZdZd Zd Zd Zd Zd ZddZddZe ejdddZdZdZdZdZdZRS(s\ Representation of an ECDSA key which can be used to sign and verify SSH2 data. tnistp256tnistp384tnistp521c Csd|_d|_|dk r2|j||dS|dk rR|j||dS|dkry|dk ryt|}n|dk r|\|_|_|jjj}|jj ||_ n|dkrt dn|jj |j |_ |j dkrt dn|j } | |j jkrCt d| n|j} y"tjj|j j| } Wntk rt dnX| jdt|_dS(NsKey object may not be emptys Invalid keysCan't handle curve of type %ssInvalid public keytbackend(tNonet verifying_keyt signing_keyt_from_private_keyt_from_private_key_fileRRt __class__t _ECDSA_CURVESRt ecdsa_curveR R tget_textR t get_binaryRtEllipticCurvePublicNumberstfrom_encoded_pointRt ValueErrort public_keyR( Rtmsgtdatatfilenametpasswordtvalstfile_objtvalidate_pointtc_classt curvenamet pointinfotnumbers((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRhs<           cCs |jjS(N(R-R(tcls((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyt supported_key_format_identifiersscCs|j}t}|j|jj|j|jj|j}|jjdd}t |j dt }d|t ||}t |j dt }d|t ||}t||}|j||jS(Niitadd_sign_paddingt(R(Rt add_stringR.RR tpublic_numbersRRR txtFalsetlentyRtasbytes(RtkeytmR?tkey_size_bytestx_bytesty_bytest point_str((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRJs    cCs |jS(N(RJ(R((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyt__str__scCs\t|j}|dt|jjj}|dt|jjj}t|S(Ni%(thashtget_nameR(RERFRI(Rth((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyt__hash__s  cCs |jjS(N(R.R(R((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRSscCs |jjS(N(R.R(R((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytget_bitsscCs |jdk S(N(R)R'(R((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytcan_signscCstj|jj}|jj|}|j||j}t|\}}t }|j |jj |j |j |||S(N( RtECDSAR.RR)tsignertupdatetfinalizeRRRDRt _sigencode(RR6tecdsaRYtsigtrtsRL((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyt sign_ssh_datas   cCs|j|jjkrtS|j}|j|\}}t||}|jj|t j |jj }|j |y|j Wntk rtSXtSdS(N(R/R.RRGR0t _sigdecodeRR(tverifierRRXRRZtverifyRtTrue(RR6R5R^tsigRtsigSt signatureRc((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytverify_ssh_sigs    cCs&|j||jtjjd|dS(NR8(t_write_private_key_fileR)Rt PrivateFormattTraditionalOpenSSL(RR7R8((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytwrite_private_key_files  cCs&|j||jtjjd|dS(NR8(t_write_private_keyR)RRkRl(RR:R8((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytwrite_private_keys  cCs}|dk rL|jj|}|dkr=td|n|j}ntj|dt}td||j fS(s Generate a new private ECDSA key. This factory function can be used to generate a new host key or authentication key. :param function progress_func: Not used for this type of key. :returns: A new private key (`.ECDSAKey`) object sUnsupported key length: %dR&R9N( R'R-R!R3RRtgenerate_private_keyRR"R4(R@Rt progress_functbitst private_key((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytgenerates  cCs&|jd||}|j|dS(NtEC(t_read_private_key_filet _decode_key(RR7R8R6((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR+scCs&|jd||}|j|dS(NRu(t_read_private_keyRw(RR:R8R6((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR*scCsy"tj|dddt}Wn+ttfk rO}tt|nX||_|j |_ |j j }|j j||_dS(NR8R&(Rtload_der_private_keyR'RR3tAssertionErrorR tstrR)R4R(RR,R-RR.(RR6RKteR((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRws  cCs-t}|j||j||jS(N(Rt add_mpintRJ(RR_R`R5((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR\ s   cCs.t|}|j}|j}||fS(N(Rt get_mpint(RR^R5R_R`((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRbs   N(RRRRR Rt SECP256R1t SECP384R1t SECP521R1R-R'ReRt classmethodRARJRQRURSRVRWRaRiRmRoRtR+R*RwR\Rb(((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR"\s2 #            N(Rtcryptography.exceptionsRtcryptography.hazmat.backendsRtcryptography.hazmat.primitivesRRt)cryptography.hazmat.primitives.asymmetricRt/cryptography.hazmat.primitives.asymmetric.utilsRRtparamiko.commonRtparamiko.messageRt paramiko.pkeyR tparamiko.ssh_exceptionR t paramiko.utilR tobjectR RR"(((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyts