σ θb‹Xc@`seddlmZmZmZddlmZddlmZddlm Z m Z ddl m Z m Z ddlmZmZmZd„Zd„Zd „Zejeƒd efd „ƒYƒZejeƒd efd „ƒYƒZejejƒdefd„ƒYƒZejejƒdefd„ƒYƒZejejƒdefd„ƒYƒZdS(i(tabsolute_importtdivisiontprint_function(tutils(tInvalidSignature(t_calculate_digest_and_algorithmt_truncate_digest(thashest serialization(tAsymmetricSignatureContexttAsymmetricVerificationContexttdsacC`sw|jjdƒ}|jj||jj||jjƒ|j|d|jjkƒ|jj|dƒ}t||ƒS(sς This function truncates digests that are longer than a given DS key's length so they can be signed. OpenSSL does this for us in 1.0.0c+, leaving us with three releases (1.0.0, 1.0.0a, and 1.0.0b) where this is a problem. s BIGNUM **i(t_ffitnewt_libt DSA_get0_pqgtNULLtopenssl_assertt BN_num_bitsR(t dsa_cdatatdigesttbackendtqt order_bits((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyt_truncate_digest_for_dsas  cC`s’|jj|jƒ}|jjd|ƒ}|jjdƒ}|jjd|t|ƒ|||jƒ}|j|dkƒ|j|dƒ|jj|ƒ|d S(Nsunsigned char[]sunsigned int *ii( RtDSA_sizet _dsa_cdataR R tDSA_signtlenRtbuffer(Rt private_keytdatat sig_buf_lentsig_buftbuflentres((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyt _dsa_sig_sign$s !cC`sS|jjd|t|ƒ|t|ƒ|jƒ}|dkrO|jƒt‚ndS(Nii(Rt DSA_verifyRRt_consume_errorsR(Rt public_keyt signatureRR#((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyt_dsa_sig_verify4s  '  t_DSAVerificationContextcB`s#eZd„Zd„Zd„ZRS(cC`sC||_||_||_||_tj|j|jƒ|_dS(N(t_backendt _public_keyt _signaturet _algorithmRtHasht _hash_ctx(tselfRR'R(t algorithm((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyt__init__Bs     cC`s|jj|ƒdS(N(R0tupdate(R1R((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR4JscC`sJ|jjƒ}t|jj||jƒ}t|j|j|j|ƒdS(N(R0tfinalizeRR,RR+R)R-(R1tdata_to_verify((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pytverifyMs (t__name__t __module__R3R4R7(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR*@s  t_DSASignatureContextcB`s#eZd„Zd„Zd„ZRS(cC`s:||_||_||_tj|j|jƒ|_dS(N(R+t _private_keyR.RR/R0(R1RRR2((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR3Zs   cC`s|jj|ƒdS(N(R0R4(R1R((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR4`scC`s@|jjƒ}t|jj||jƒ}t|j|j|ƒS(N(R0R5RR;RR+R$(R1t data_to_sign((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR5cs(R8R9R3R4R5(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR:Xs  t_DSAParameterscB`s#eZd„Zd„Zd„ZRS(cC`s||_||_dS(N(R+R(R1RR((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR3ms c C`s|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjj|j|||ƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jj|d|jjjkƒtj d|jj |dƒd|jj |dƒd|jj |dƒƒS(Ns BIGNUM **itpRtg( R+R R RRRRRR tDSAParameterNumberst _bn_to_int(R1R>RR?((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pytparameter_numbersqs### cC`s|jj|ƒS(N(R+tgenerate_dsa_private_key(R1((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pytgenerate_private_keys(R8R9R3RBRD(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR=ks  t_DSAPrivateKeycB`sVeZd„ZejdƒZd„Zd„Zd„Zd„Z d„Z d„Z RS(cC`sž||_||_||_|jjjdƒ}|jjj|||jjj|jjjƒ|jj|d|jjkƒ|jjj |dƒ|_ dS(Ns BIGNUM **i( R+Rt _evp_pkeyR R RRRRRt _key_size(R1RRtevp_pkeyR>((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR3…s    " RGcC`st|j||ƒS(N(R:R+(R1tsignature_algorithm((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pytsigner“sc C`sγ|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjj|j|||ƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jjj|j||ƒ|jj|d|jjjkƒ|jj|d|jjjkƒt j dt j dt j d|jj |dƒd|jj |dƒd|jj |dƒƒd|jj |dƒƒd |jj |dƒƒS( Ns BIGNUM **itpublic_numbersRBR>RR?tytx(R+R R RRRRRt DSA_get0_keyR tDSAPrivateNumberstDSAPublicNumbersR@RA(R1R>RR?tpub_keytpriv_key((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pytprivate_numbers–s(#####   cC`s-|jjj|jƒ}|jj||jjjkƒ|jjj||jjjƒ}|jjj dƒ}|jjj |j||jjjƒ|jj|d|jjjkƒ|jjj |dƒ}|jjj |||jjjƒ}|jj|dkƒ|jj |ƒ}t|j||ƒS(Ns BIGNUM **ii(R+Rt DSAparams_dupRRR RtgctDSA_freeR RNtBN_dupt DSA_set0_keyt_dsa_cdata_to_evp_pkeyt _DSAPublicKey(R1RRQt pub_key_dupR#RH((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR'―s  # cC`sh|jjj|jƒ}|jj||jjjkƒ|jjj||jjjƒ}t |j|ƒS(N( R+RRTRRR RRURVR=(R1R((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyt parametersΒs  cC`s"|jj||||j|jƒS(N(R+t_private_key_bytesRFR(R1tencodingtformattencryption_algorithm((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyt private_bytesΚs  cC`sFt|j||ƒ\}}t|j||jƒ}t|j||ƒS(N(RR+RRR$(R1RR2((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pytsignΣs( R8R9R3Rtread_only_propertytkey_sizeRJRSR'R\RaRb(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyREƒs      RZcB`sMeZd„ZejdƒZd„Zd„Zd„Zd„Z d„Z RS(cC`sž||_||_||_|jjjdƒ}|jjj|||jjj|jjjƒ|jj|d|jjkƒ|jjj |dƒ|_ dS(Ns BIGNUM **i( R+RRFR R RRRRRRG(R1RRRHR>((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR3έs    " RGcC`s4t|tƒstdƒ‚nt|j|||ƒS(Nssignature must be bytes.(t isinstancetbytest TypeErrorR*R+(R1R(RI((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pytverifierκsc C`s’|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjj|j|||ƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jjj|j||jjjƒ|jj|d|jjjkƒt j dt j d|jj |dƒd|jj |dƒd|jj |dƒƒd|jj |dƒƒS(Ns BIGNUM **iRBR>RR?RL( R+R R RRRRRRNR RPR@RA(R1R>RR?RQ((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyRKςs"### #  cC`sI|jjj|jƒ}|jjj||jjjƒ}t|j|ƒS(N(R+RRTRR RURVR=(R1R((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR\s cC`s@|tjjkr!tdƒ‚n|jj||||jdƒS(Ns2DSA public keys do not support PKCS1 serialization(Rt PublicFormattPKCS1t ValueErrorR+t_public_key_bytesRFtNone(R1R^R_((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyt public_bytess  cC`sIt|j||ƒ\}}t|j||jƒ}t|j|||ƒS(N(RR+RRR)(R1R(RR2((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyR7s( R8R9R3RRcRdRhRKR\RnR7(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyRZΫs     N(t __future__RRRt cryptographyRtcryptography.exceptionsRt*cryptography.hazmat.backends.openssl.utilsRRtcryptography.hazmat.primitivesRRt)cryptography.hazmat.primitives.asymmetricR R R RR$R)tregister_interfacetobjectR*R:tDSAParametersWithNumbersR=tDSAPrivateKeyWithSerializationREtDSAPublicKeyWithSerializationRZ(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/dsa.pyts$   W