o 5 h0@srddlmZddlmZmZddlmZmZddlm Z m Z m Z m Z ddZ ddZGd d d eZdd d Zd S))Integer)SHA512SHAKE256)bchris_bytes)EccKey construct_import_ed25519_public_key_import_ed448_public_keycCsZt|dkrt|\}}d}nt|dkrt|\}}d}ntdt|t|||dS)aCreate a new Ed25519 or Ed448 public key object, starting from the key encoded as raw ``bytes``, in the format described in RFC8032. Args: encoded (bytes): The EdDSA public key to import. It must be 32 bytes for Ed25519, and 57 bytes for Ed448. Returns: :class:`Crypto.PublicKey.EccKey` : a new ECC key object. Raises: ValueError: when the given key cannot be parsed. Ed255199Ed448zNot an EdDSA key (%d bytes))curvepoint_xpoint_y)lenr r ValueErrorr)encodedxy curve_namerj/var/www/html/construction_image-detection-poc/venv/lib/python3.10/site-packages/Crypto/Signature/eddsa.pyimport_public_key)s    rcCs8t|dkr d}n t|dkrd}ntdt||dS)aCreate a new Ed25519 or Ed448 private key object, starting from the key encoded as raw ``bytes``, in the format described in RFC8032. Args: encoded (bytes): The EdDSA private key to import. It must be 32 bytes for Ed25519, and 57 bytes for Ed448. Returns: :class:`Crypto.PublicKey.EccKey` : a new ECC key object. Raises: ValueError: when the given key cannot be parsed. r ed25519r ed448z8Incorrect length. Only EdDSA private keys are supported.)seedr)rrr)rrrrrimport_private_keyEs   rc@sPeZdZdZddZddZddZdd Zd d Zd d Z ddZ ddZ dS)EdDSASigSchemezlAn EdDSA signature object. Do not instantiate directly. Use :func:`Crypto.Signature.eddsa.new`. cCs$||_||_||_|jj|_dS)zCreate a new EdDSA object. Do not instantiate this object directly, use `Crypto.Signature.DSS.new` instead. N)_key_context_export_eddsa_public_A_curveorder_order)selfkeycontextrrr__init__is zEdDSASigScheme.__init__cCs |jS)zRReturn ``True`` if this signature object can be used for signing messages.)r has_private)r'rrrcan_signus zEdDSASigScheme.can_signcCs|js td|jjdkr#t|tj}|st|std|j}n|jjdkr=t|t j }|s9t|s9td|j }nt d|||S)aJCompute the EdDSA signature of a message. Args: msg_or_hash (bytes or a hash object): The message to sign (``bytes``, in case of *PureEdDSA*) or the hash that was carried out over the message (hash object, for *HashEdDSA*). The hash object must be :class:`Crypto.Hash.SHA512` for Ed25519, and :class:`Crypto.Hash.SHAKE256` object for Ed448. :return: The signature as ``bytes``. It is always 64 bytes for Ed25519, and 114 bytes for Ed448. :raise TypeError: if the EdDSA key has no private half zPrivate key is needed to signr -'msg_or_hash' must be bytes of a SHA-512 hashr.'msg_or_hash' must be bytes of a SHAKE256 hashIncorrect curve for EdDSA) r r+ TypeErrorr isinstancer SHA512Hashr _sign_ed25519r SHAKE256_XOF _sign_ed448r)r' msg_or_hashpheddsa_sign_methodrrrsign{s        zEdDSASigScheme.signc Cs|js|rt|}dt|tt|j|j}nd}|r"|n|}t||jj|}t |d|j }t ||jj jd}t|||j|} t | d|j } || |jj|j } || ddS)N SigEd25519 no Ed25519 collisionslittlepointr )r!intrrdigestrnewr _prefixr from_bytesr&rr$Gr"r#dto_bytes) r'r6r7flagdom2PHMr_hashrR_pkk_hashksrrrr3s   zEdDSASigScheme._sign_ed25519c Cst|}dt|tt|j|j}|r|dn|}t||jj|d}t |d|j }t ||jj jd}t|||j|d} t | d|j } || |jj|j } || ddS)NSigEd448@rr<r=r )r?rrr!readrrAr rBrrCr&rr$rDr"r#rErF) r'r6r7rGdom4rIrJrKrLrMrNrOrrrr5s  zEdDSASigScheme._sign_ed448cCs||jjdkrt|tj}|st|std|j}n|jjdkr4t|tj }|s0t|s0td|j }nt d||||S)aCheck if an EdDSA signature is authentic. Args: msg_or_hash (bytes or a hash object): The message to verify (``bytes``, in case of *PureEdDSA*) or the hash that was carried out over the message (hash object, for *HashEdDSA*). The hash object must be :class:`Crypto.Hash.SHA512` object for Ed25519, and :class:`Crypto.Hash.SHAKE256` for Ed448. signature (``bytes``): The signature that needs to be validated. It must be 64 bytes for Ed25519, and 114 bytes for Ed448. :raise ValueError: if the signature is not authentic r r-rr.r/) r rr1rr2rr0_verify_ed25519rr4 _verify_ed448r)r'r6 signaturer7eddsa_verify_methodrrrverifys       zEdDSASigScheme.verifyc Cs$t|dkr td|js|r$t|}dt|tt|j|j}nd}|r,|n|}z t|ddj}Wn tyDtdwt |ddd}||j krXtdt ||dd|j |} t | d|j } |d |jjj} d || d |jj} | | krtd dS) NrQ'The signature is not authentic (length)r:r;r "The signature is not authentic (R)r<"The signature is not authentic (S)The signature is not authentic)rrr!r?rr@rpointQrrCr&rrAr#r r$rD) r'r6rWr7rGrHrIRrOrMrNpoint1point2rrrrUs4      $zEdDSASigScheme._verify_ed25519c Cst|dkr tdt|}dt|tt|j|j}|r%|dn|}z t|ddj}Wn ty=tdwt |ddd}||j krQtdt ||dd|j |d} t | d|j } |d |jjj} d || d |jj} | | krtd dS) NrRrZrPrQr r[r<r\r]r^)rrr?rr!rSrr_rrCr&rrAr#r r$rD) r'r6rWr7rGrTrIr`rOrMrNrarbrrrrVs0     &zEdDSASigScheme._verify_ed448N) __name__ __module__ __qualname____doc__r*r,r9r3r5rYrUrVrrrrrcs ## #rNcCsXt|tr |jdvrtd|dkrtd|durd}n t|dkr'tdt||S) aCreate a signature object :class:`EdDSASigScheme` that can perform or verify an EdDSA signature. Args: key (:class:`Crypto.PublicKey.ECC` object): The key to use for computing the signature (*private* keys only) or for verifying one. The key must be on the curve ``Ed25519`` or ``Ed448``. mode (string): This parameter must be ``'rfc8032'``. context (bytes): Up to 255 bytes of `context `_, which is a constant byte string to segregate different protocols or different applications of the same key. )r rz&EdDSA can only be used with EdDSA keysrfc8032zMode must be 'rfc8032'Nr;z3Context for EdDSA must not be longer than 255 bytes)r1rrrrr)r(moder)rrrrA9s  rA)N)Crypto.Math.Numbersr Crypto.HashrrCrypto.Util.py3compatrrCrypto.PublicKey.ECCrrr r rrobjectrrArrrrs W