ó =OXc@sødZddlmZddlmZddlmZmZddlm Z ddl m Z m Z ddl mZddlmZdd lmZdd lmZdd lmZd efd „ƒYZdefd„ƒYZdefd„ƒYZdS(s ECDSA keys iÿÿÿÿ(tInvalidSignature(tdefault_backend(thashest serialization(tec(tdecode_dss_signaturetencode_dss_signature(t four_byte(tMessage(tPKey(t SSHException(t deflate_longt _ECDSACurvecBseZdZd„ZRS(sì Represents a specific ECDSA Curve (nistp256, nistp384, etc). Handles the generation of the key format identifier and the selection of the proper hash function. Also grabs the proper curve from the 'ecdsa' package. cCsz||_|j|_d|j|_|jdkrCtj|_n*|jdkratj|_n tj|_||_ dS(Ns ecdsa-sha2-ii€( t nist_nametkey_sizet key_lengthtkey_format_identifierRtSHA256t hash_objecttSHA384tSHA512t curve_class(tselfRR ((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyt__init__.s   (t__name__t __module__t__doc__R(((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR &st_ECDSACurveSetcBs;eZdZd„Zd„Zd„Zd„Zd„ZRS(s° A collection to hold the ECDSA curves. Allows querying by oid and by key format identifier. The two ways in which ECDSAKey needs to be able to look up curves. cCs ||_dS(N(t ecdsa_curves(RR((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRFscCsg|jD]}|j^q S(N(RR(Rtcurve((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytget_key_format_identifier_listIscCs+x$|jD]}|j|kr |Sq WdS(N(RR(RRR((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytget_by_curve_classLscCs+x$|jD]}|j|kr |Sq WdS(N(RR(RRR((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytget_by_key_format_identifierQscCs+x$|jD]}|j|kr |Sq WdS(N(RR(RRR((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytget_by_key_lengthVs(RRRRRRR R!(((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR@s     tECDSAKeycBseZdZeeejdƒeejdƒeejdƒgƒZ dddddde d„Z e d„ƒZd„Zd„Zd„Zd „Zd „Zd „Zd „Zd „Zdd„Zdd„Ze ejƒddd„ƒZd„Zd„Zd„Zd„Zd„ZRS(s\ Representation of an ECDSA key which can be used to sign and verify SSH2 data. tnistp256tnistp384tnistp521c Cs­d|_d|_|dk r2|j||ƒdS|dk rR|j||ƒdS|dkry|dk ryt|ƒ}n|dk r¾|\|_|_|jjj}|jj |ƒ|_ në|dkrÙt dƒ‚n|jj |j ƒƒ|_ |j dkrt dƒ‚n|j ƒ} | |j jkrCt d| ƒ‚n|jƒ} y"tjj|j jƒ| ƒ} Wntk rt dƒ‚nX| jdtƒƒ|_dS(NsKey object may not be emptys Invalid keysCan't handle curve of type %ssInvalid public keytbackend(tNonet verifying_keyt signing_keyt_from_private_keyt_from_private_key_fileRRt __class__t _ECDSA_CURVESRt ecdsa_curveR R tget_textR t get_binaryRtEllipticCurvePublicNumberstfrom_encoded_pointRt ValueErrort public_keyR( Rtmsgtdatatfilenametpasswordtvalstfile_objtvalidate_pointtc_classt curvenamet pointinfotnumbers((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRhs<           cCs |jjƒS(N(R-R(tcls((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyt supported_key_format_identifiersŒscCs×|j}tƒ}|j|jjƒ|j|jjƒ|jƒ}|jjdd}t |j dt ƒ}d|t |ƒ|}t |j dt ƒ}d|t |ƒ|}t||}|j|ƒ|jƒS(Niitadd_sign_paddingt(R(Rt add_stringR.RR tpublic_numbersRRR txtFalsetlentyRtasbytes(RtkeytmR?tkey_size_bytestx_bytesty_bytest point_str((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRJs    cCs |jƒS(N(RJ(R((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyt__str__¤scCs\t|jƒƒ}|dt|jjƒjƒ}|dt|jjƒjƒ}t|ƒS(Ni%(thashtget_nameR(RERFRI(Rth((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyt__hash__§s  cCs |jjS(N(R.R(R((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRS­scCs |jjS(N(R.R(R((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytget_bits°scCs |jdk S(N(R)R'(R((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytcan_sign³scCsŽtj|jjƒƒ}|jj|ƒ}|j|ƒ|jƒ}t|ƒ\}}t ƒ}|j |jj ƒ|j |j ||ƒƒ|S(N( RtECDSAR.RR)tsignertupdatetfinalizeRRRDRt _sigencode(RR6tecdsaRYtsigtrtsRL((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyt sign_ssh_data¶s   cCs«|jƒ|jjkrtS|jƒ}|j|ƒ\}}t||ƒ}|jj|t j |jj ƒƒƒ}|j |ƒy|j ƒWntk r¢tSXtSdS(N(R/R.RRGR0t _sigdecodeRR(tverifierRRXRRZtverifyRtTrue(RR6R5R^tsigRtsigSt signatureRc((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytverify_ssh_sigÂs    cCs&|j||jtjjd|ƒdS(NR8(t_write_private_key_fileR)Rt PrivateFormattTraditionalOpenSSL(RR7R8((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytwrite_private_key_fileÔs  cCs&|j||jtjjd|ƒdS(NR8(t_write_private_keyR)RRkRl(RR:R8((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytwrite_private_keyÜs  cCs}|dk rL|jj|ƒ}|dkr=td|ƒ‚n|jƒ}ntj|dtƒƒ}td||j ƒfƒS(s Generate a new private ECDSA key. This factory function can be used to generate a new host key or authentication key. :param function progress_func: Not used for this type of key. :returns: A new private key (`.ECDSAKey`) object sUnsupported key length: %dR&R9N( R'R-R!R3RRtgenerate_private_keyRR"R4(R@Rt progress_functbitst private_key((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pytgenerateäs  cCs&|jd||ƒ}|j|ƒdS(NtEC(t_read_private_key_filet _decode_key(RR7R8R6((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR+øscCs&|jd||ƒ}|j|ƒdS(NRu(t_read_private_keyRw(RR:R8R6((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR*üscCsy"tj|dddtƒƒ}Wn+ttfk rO}tt|ƒƒ‚nX||_|j ƒ|_ |j j }|j j|ƒ|_dS(NR8R&(Rtload_der_private_keyR'RR3tAssertionErrorR tstrR)R4R(RR,R-RR.(RR6RKteR((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRws  cCs-tƒ}|j|ƒ|j|ƒ|jƒS(N(Rt add_mpintRJ(RR_R`R5((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR\ s   cCs.t|ƒ}|jƒ}|jƒ}||fS(N(Rt get_mpint(RR^R5R_R`((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyRbs   N(RRRRR Rt SECP256R1t SECP384R1t SECP521R1R-R'ReRt classmethodRARJRQRURSRVRWRaRiRmRoRtR+R*RwR\Rb(((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyR"\s2 #            N(Rtcryptography.exceptionsRtcryptography.hazmat.backendsRtcryptography.hazmat.primitivesRRt)cryptography.hazmat.primitives.asymmetricRt/cryptography.hazmat.primitives.asymmetric.utilsRRtparamiko.commonRtparamiko.messageRt paramiko.pkeyR tparamiko.ssh_exceptionR t paramiko.utilR tobjectR RR"(((s5/usr/lib/python2.7/site-packages/paramiko/ecdsakey.pyts