7g-dZddlmZmZddlmZddlmZmZddl m Z ddl m Z m Z ddlmZddlmZdd lmZdd lmZdd lmZGd d ZGddZGddeZdS)z ECDSA keys )InvalidSignatureUnsupportedAlgorithm)default_backend)hashes serialization)ec)decode_dss_signatureencode_dss_signature) four_byte)Message)PKey) SSHException) deflate_longceZdZdZdZdS) _ECDSACurvez Represents a specific ECDSA Curve (nistp256, nistp384, etc). Handles the generation of the key format identifier and the selection of the proper hash function. Also grabs the proper curve from the 'ecdsa' package. c||_|j|_d|jz|_|jdkrtj|_n.|jdkrtj|_ntj|_||_ dS)N ecdsa-sha2-i) nist_namekey_size key_lengthkey_format_identifierrSHA256 hash_objectSHA384SHA512 curve_class)selfrrs K/var/www/html/syslog/venv/lib/python3.11/site-packages/paramiko/ecdsakey.py__init__z_ECDSACurve.__init__0sr"%.&3T^%C" ?c ! !%}D   _ # #%}D  %}D &N)__name__ __module__ __qualname____doc__r r!rrr's-'''''r!rc0eZdZdZdZdZdZdZdZdS)_ECDSACurveSetz A collection to hold the ECDSA curves. Allows querying by oid and by key format identifier. The two ways in which ECDSAKey needs to be able to look up curves. c||_dSN ecdsa_curves)rr,s rr z_ECDSACurveSet.__init__Is(r!c$d|jDS)Ncg|] }|j Sr&)r).0curves r zA_ECDSACurveSet.get_key_format_identifier_list..MsKKK+KKKr!r+rs rget_key_format_identifier_listz-_ECDSACurveSet.get_key_format_identifier_listLsKK9JKKKKr!c8|jD]}|j|kr|cSdSr*)r,r)rrr0s rget_by_curve_classz!_ECDSACurveSet.get_by_curve_classOs:&  E K// 0  r!c8|jD]}|j|kr|cSdSr*)r,r)rrr0s rget_by_key_format_identifierz+_ECDSACurveSet.get_by_key_format_identifierTs<&  E*.CCC D  r!c8|jD]}|j|kr|cSdSr*)r,r)rrr0s rget_by_key_lengthz _ECDSACurveSet.get_by_key_lengthYs:&  E:-- .  r!N) r"r#r$r%r r3r5r7r9r&r!rr(r(Bsl )))LLL  r!r(creZdZdZeeejdeejdeej dgZ ddZ e dZ e d Zd Zd Zed Zd ZdZdZddZdZddZddZe ejddfdZdZdZdZdZdZdS)ECDSAKeyz\ Representation of an ECDSA key which can be used to sign and verify SSH2 data. nistp256nistp384nistp521NTcd|_d|_d|_||||dS||||dS||t |}|A|\|_|_|jjj}|j ||_ dS| } d} | | r| dt|  } |j| |_ |j} d| D} ||| | | } | |j jkr"t%d| |} t*j|j |}||_dS#t2$rt%dwxYw)Nz-cert-v01@openssh.comc8g|]}d|S)z{}-cert-v01@openssh.com)format)r/xs rr1z%ECDSAKey.__init__..s489)0033r!)msgkey_type cert_typezCan't handle curve of type {}zInvalid public key) verifying_key signing_key public_blob_from_private_key_from_private_key_filer r0 __class__ _ECDSA_CURVESr5 ecdsa_curveget_textendswithlenr7r3_check_type_and_load_certrrrA get_binaryrEllipticCurvePublicKeyfrom_encoded_pointr ValueError)rrCdatafilenamepasswordvalsfile_objvalidate_pointc_classrDsuffix key_types cert_types curvename pointinfokeys rr zECDSAKey.__init__ms/"    " "8X 6 6 6 F    ' '( ; ; ; F Kd.$--C  37 0D d0&,6G#1DDWMMD   ||~~H -F  (( 4#Ns6{{lN3#1NN  D *IIKKI=FJ  * *)z +    ID,666"3::9EE((I 9/BB$0022I&)""" 9 9 9"#7888 9s >GG4c4|jSr*)rLr3clss r identifierszECDSAKey.identifierss ??AAAr!c*|Sr*)rfrds r supported_key_format_identifiersz)ECDSAKey.supported_key_format_identifierss   r!c|j}t}||jj||jj|}|jjdzdz}t|j d}d|t|z z|z}t|j d}d|t|z z|z}t|z|z}|||S)NF)add_sign_padding)rFr add_stringrMrrpublic_numbersr0rrrBrPyr asbytes)rrbmnumberskey_size_bytesx_bytesy_bytes point_strs rrqzECDSAKey.asbytess  II T%;<<< T%/000$$&&),q0Q6wy5AAA^c'll:;gEwy5AAA^c'll:;gE''1  Yyy{{r!c*|Sr*)rqr2s r__str__zECDSAKey.__str__s||~~r!c||jj|jjfSr*)get_namerFrorBrpr2s r_fieldszECDSAKey._fieldssC MMOO   - - / / 1   - - / / 1  r!c|jjSr*)rMrr2s rr{zECDSAKey.get_names55r!c|jjSr*)rMrr2s rget_bitszECDSAKey.get_bitss**r!c|jduSr*)rGr2s rcan_signzECDSAKey.can_signst++r!cbtj|j}|j||}t |\}}t}||jj || |||Sr*) rECDSArMrrGsignr r rnr _sigencode)rrV algorithmecdsasigrsrrs r sign_ssh_datazECDSAKey.sign_ssh_datas)557788##D%00#C((1 II T%;<<< T__Q**+++r!ct||jjkrdS|}||\}}t ||} |j||tj |j dS#t$rYdSwxYw)NFT) rNrMrrR _sigdecoder rFverifyrrrr)rrVrCrsigRsigS signatures rverify_ssh_sigzECDSAKey.verify_ssh_sigs <<>>T-C C C5nn__S)) d(t44     % %4$*:*F*F*H*H!I!I    4    55 s"AB)) B76B7c`|||jtjj|dSN)rX)_write_private_key_filerGr PrivateFormatTraditionalOpenSSL)rrWrXs rwrite_private_key_filezECDSAKey.write_private_key_files> $$     ' : %     r!c`|||jtjj|dSr)_write_private_keyrGrrr)rrZrXs rwrite_private_keyzECDSAKey.write_private_keys>      ' :      r!c6|R|j|}|"td||}t j|t}t|| fS)a Generate a new private ECDSA key. This factory function can be used to generate a new host key or authentication key. :param progress_func: Not used for this type of key. :returns: A new private key (`.ECDSAKey`) object NzUnsupported key length: {:d})backend)rY) rLr9rUrArrgenerate_private_keyrr; public_key)rer0 progress_funcbits private_keys rgeneratezECDSAKey.generates  %77==E} !?!F!Ft!L!LMMM%%''E-e_=N=NOOO k;+A+A+C+CDEEEEr!c^|d||}||dSNEC)_read_private_key_file _decode_key)rrWrXrVs rrJzECDSAKey._from_private_key_files3**48DD r!c^|d||}||dSr)_read_private_keyr)rrZrXrVs rrIzECDSAKey._from_private_keys3%%dHh?? r!c|\}}||jkrg tj|dt}n@#tt t tf$r!}tt|d}~wwxYw||j kr t|}| }| }|}d|z} |j| } | stdt#j|| t}nC#t($r!}tt|d}~wwxYw||||_||_|jj} |j| |_dS)N)rXrrzInvalid key curve identifier)_PRIVATE_KEY_FORMAT_ORIGINALrload_der_private_keyrrUAssertionError TypeErrorrrstr_PRIVATE_KEY_FORMAT_OPENSSHr rNrR get_mpintrLr7rderive_private_keyr Exception_got_bad_key_format_idrGrrFr0rKr5rM) rrVpkformatrberC curve_nameverkeysigkeynamer0rs rrzECDSAKey._decode_key"s$ t8 8 8 +#841B1B$  + + + #3q66***  +9 9 9 +dmm \\^^ ))$z1*GGMMG&'EFFF+E--//1B1B + + +#3q66*** +  ' ' 1 1 1 ^^--i) -@@MMs.#7A5A00A5B/D44 E>EEct}|||||Sr*)r add_mpintrq)rrrrCs rrzECDSAKey._sigencodeIs=ii a a{{}}r!cxt|}|}|}||fSr*)r r)rrrCrrs rrzECDSAKey._sigdecodeOs0cll MMOO MMOO!t r!)NNNNNNTr*) r"r#r$r%r(rr SECP256R1 SECP384R1 SECP521R1rLr classmethodrfrhrqrypropertyr|r{rrrrrrrrJrIrrrr&r!rr;r;_s #N K j 1 1 K j 1 1 K j 1 1 M   <9<9<9<9|BB[B!![!(  X 666+++,,,         (BLNN$TFFF[F&%N%N%NN r!r;N)r%cryptography.exceptionsrrcryptography.hazmat.backendsrcryptography.hazmat.primitivesrr)cryptography.hazmat.primitives.asymmetricr/cryptography.hazmat.primitives.asymmetric.utilsr r paramiko.commonr paramiko.messager paramiko.pkeyr paramiko.ssh_exceptionr paramiko.utilrrr(r;r&r!rrsx&KJJJJJJJ888888@@@@@@@@888888 &%%%%%$$$$$$//////&&&&&&''''''''6:tttttttttttr!