ansible-later/testenv/lib/python2.7/site-packages/cryptography/hazmat/backends/openssl/ed25519.py

# This file is dual licensed under the terms of the Apache License, Version
# 2.0, and the BSD License. See the LICENSE file in the root of this repository
# for complete details.

from __future__ import absolute_import, division, print_function

from cryptography import exceptions, utils
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric.ed25519 import (
    Ed25519PrivateKey, Ed25519PublicKey, _ED25519_KEY_SIZE, _ED25519_SIG_SIZE
)


@utils.register_interface(Ed25519PublicKey)
class _Ed25519PublicKey(object):
    def __init__(self, backend, evp_pkey):
        self._backend = backend
        self._evp_pkey = evp_pkey

    def public_bytes(self, encoding, format):
        if (
            encoding is serialization.Encoding.Raw or
            format is serialization.PublicFormat.Raw
        ):
            if (
                encoding is not serialization.Encoding.Raw or
                format is not serialization.PublicFormat.Raw
            ):
                raise ValueError(
                    "When using Raw both encoding and format must be Raw"
                )

            return self._raw_public_bytes()

        if (
            encoding in serialization._PEM_DER and
            format is not serialization.PublicFormat.SubjectPublicKeyInfo
        ):
            raise ValueError(
                "format must be SubjectPublicKeyInfo when encoding is PEM or "
                "DER"
            )

        return self._backend._public_key_bytes(
            encoding, format, self, self._evp_pkey, None
        )

    def _raw_public_bytes(self):
        buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)
        buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)
        res = self._backend._lib.EVP_PKEY_get_raw_public_key(
            self._evp_pkey, buf, buflen
        )
        self._backend.openssl_assert(res == 1)
        self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)
        return self._backend._ffi.buffer(buf, _ED25519_KEY_SIZE)[:]

    def verify(self, signature, data):
        evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
        self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)
        evp_md_ctx = self._backend._ffi.gc(
            evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
        )
        res = self._backend._lib.EVP_DigestVerifyInit(
            evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
            self._backend._ffi.NULL, self._evp_pkey
        )
        self._backend.openssl_assert(res == 1)
        res = self._backend._lib.EVP_DigestVerify(
            evp_md_ctx, signature, len(signature), data, len(data)
        )
        if res != 1:
            self._backend._consume_errors()
            raise exceptions.InvalidSignature


@utils.register_interface(Ed25519PrivateKey)
class _Ed25519PrivateKey(object):
    def __init__(self, backend, evp_pkey):
        self._backend = backend
        self._evp_pkey = evp_pkey

    def public_key(self):
        buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)
        buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)
        res = self._backend._lib.EVP_PKEY_get_raw_public_key(
            self._evp_pkey, buf, buflen
        )
        self._backend.openssl_assert(res == 1)
        self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)
        public_bytes = self._backend._ffi.buffer(buf)[:]
        return self._backend.ed25519_load_public_bytes(public_bytes)

    def sign(self, data):
        evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
        self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)
        evp_md_ctx = self._backend._ffi.gc(
            evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
        )
        res = self._backend._lib.EVP_DigestSignInit(
            evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
            self._backend._ffi.NULL, self._evp_pkey
        )
        self._backend.openssl_assert(res == 1)
        buf = self._backend._ffi.new("unsigned char[]", _ED25519_SIG_SIZE)
        buflen = self._backend._ffi.new("size_t *", len(buf))
        res = self._backend._lib.EVP_DigestSign(
            evp_md_ctx, buf, buflen, data, len(data)
        )
        self._backend.openssl_assert(res == 1)
        self._backend.openssl_assert(buflen[0] == _ED25519_SIG_SIZE)
        return self._backend._ffi.buffer(buf, buflen[0])[:]

    def private_bytes(self, encoding, format, encryption_algorithm):
        if (
            encoding is serialization.Encoding.Raw or
            format is serialization.PublicFormat.Raw
        ):
            if (
                format is not serialization.PrivateFormat.Raw or
                encoding is not serialization.Encoding.Raw or not
                isinstance(encryption_algorithm, serialization.NoEncryption)
            ):
                raise ValueError(
                    "When using Raw both encoding and format must be Raw "
                    "and encryption_algorithm must be NoEncryption"
                )

            return self._raw_private_bytes()

        if (
            encoding in serialization._PEM_DER and
            format is not serialization.PrivateFormat.PKCS8
        ):
            raise ValueError(
                "format must be PKCS8 when encoding is PEM or DER"
            )

        return self._backend._private_key_bytes(
            encoding, format, encryption_algorithm, self._evp_pkey, None
        )

    def _raw_private_bytes(self):
        buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)
        buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)
        res = self._backend._lib.EVP_PKEY_get_raw_private_key(
            self._evp_pkey, buf, buflen
        )
        self._backend.openssl_assert(res == 1)
        self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)
        return self._backend._ffi.buffer(buf, _ED25519_KEY_SIZE)[:]
fixes for package include data 2019-04-23 11:04:27 +00:00			`# This file is dual licensed under the terms of the Apache License, Version`
			`# 2.0, and the BSD License. See the LICENSE file in the root of this repository`
			`# for complete details.`

			`from __future__ import absolute_import, division, print_function`

			`from cryptography import exceptions, utils`
			`from cryptography.hazmat.primitives import serialization`
			`from cryptography.hazmat.primitives.asymmetric.ed25519 import (`
			`Ed25519PrivateKey, Ed25519PublicKey, _ED25519_KEY_SIZE, _ED25519_SIG_SIZE`
			`)`


			`@utils.register_interface(Ed25519PublicKey)`
			`class _Ed25519PublicKey(object):`
			`def __init__(self, backend, evp_pkey):`
			`self._backend = backend`
			`self._evp_pkey = evp_pkey`

			`def public_bytes(self, encoding, format):`
			`if (`
			`encoding is serialization.Encoding.Raw or`
			`format is serialization.PublicFormat.Raw`
			`):`
			`if (`
			`encoding is not serialization.Encoding.Raw or`
			`format is not serialization.PublicFormat.Raw`
			`):`
			`raise ValueError(`
			`"When using Raw both encoding and format must be Raw"`
			`)`

			`return self._raw_public_bytes()`

			`if (`
			`encoding in serialization._PEM_DER and`
			`format is not serialization.PublicFormat.SubjectPublicKeyInfo`
			`):`
			`raise ValueError(`
			`"format must be SubjectPublicKeyInfo when encoding is PEM or "`
			`"DER"`
			`)`

			`return self._backend._public_key_bytes(`
			`encoding, format, self, self._evp_pkey, None`
			`)`

			`def _raw_public_bytes(self):`
			`buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)`
			`buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)`
			`res = self._backend._lib.EVP_PKEY_get_raw_public_key(`
			`self._evp_pkey, buf, buflen`
			`)`
			`self._backend.openssl_assert(res == 1)`
			`self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)`
			`return self._backend._ffi.buffer(buf, _ED25519_KEY_SIZE)[:]`

			`def verify(self, signature, data):`
			`evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()`
			`self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)`
			`evp_md_ctx = self._backend._ffi.gc(`
			`evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free`
			`)`
			`res = self._backend._lib.EVP_DigestVerifyInit(`
			`evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,`
			`self._backend._ffi.NULL, self._evp_pkey`
			`)`
			`self._backend.openssl_assert(res == 1)`
			`res = self._backend._lib.EVP_DigestVerify(`
			`evp_md_ctx, signature, len(signature), data, len(data)`
			`)`
			`if res != 1:`
			`self._backend._consume_errors()`
			`raise exceptions.InvalidSignature`


			`@utils.register_interface(Ed25519PrivateKey)`
			`class _Ed25519PrivateKey(object):`
			`def __init__(self, backend, evp_pkey):`
			`self._backend = backend`
			`self._evp_pkey = evp_pkey`

			`def public_key(self):`
			`buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)`
			`buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)`
			`res = self._backend._lib.EVP_PKEY_get_raw_public_key(`
			`self._evp_pkey, buf, buflen`
			`)`
			`self._backend.openssl_assert(res == 1)`
			`self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)`
			`public_bytes = self._backend._ffi.buffer(buf)[:]`
			`return self._backend.ed25519_load_public_bytes(public_bytes)`

			`def sign(self, data):`
			`evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()`
			`self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)`
			`evp_md_ctx = self._backend._ffi.gc(`
			`evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free`
			`)`
			`res = self._backend._lib.EVP_DigestSignInit(`
			`evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,`
			`self._backend._ffi.NULL, self._evp_pkey`
			`)`
			`self._backend.openssl_assert(res == 1)`
			`buf = self._backend._ffi.new("unsigned char[]", _ED25519_SIG_SIZE)`
			`buflen = self._backend._ffi.new("size_t *", len(buf))`
			`res = self._backend._lib.EVP_DigestSign(`
			`evp_md_ctx, buf, buflen, data, len(data)`
			`)`
			`self._backend.openssl_assert(res == 1)`
			`self._backend.openssl_assert(buflen[0] == _ED25519_SIG_SIZE)`
			`return self._backend._ffi.buffer(buf, buflen[0])[:]`

			`def private_bytes(self, encoding, format, encryption_algorithm):`
			`if (`
			`encoding is serialization.Encoding.Raw or`
			`format is serialization.PublicFormat.Raw`
			`):`
			`if (`
			`format is not serialization.PrivateFormat.Raw or`
			`encoding is not serialization.Encoding.Raw or not`
			`isinstance(encryption_algorithm, serialization.NoEncryption)`
			`):`
			`raise ValueError(`
			`"When using Raw both encoding and format must be Raw "`
			`"and encryption_algorithm must be NoEncryption"`
			`)`

			`return self._raw_private_bytes()`

			`if (`
			`encoding in serialization._PEM_DER and`
			`format is not serialization.PrivateFormat.PKCS8`
			`):`
			`raise ValueError(`
			`"format must be PKCS8 when encoding is PEM or DER"`
			`)`

			`return self._backend._private_key_bytes(`
			`encoding, format, encryption_algorithm, self._evp_pkey, None`
			`)`

			`def _raw_private_bytes(self):`
			`buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)`
			`buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)`
			`res = self._backend._lib.EVP_PKEY_get_raw_private_key(`
			`self._evp_pkey, buf, buflen`
			`)`
			`self._backend.openssl_assert(res == 1)`
			`self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)`
			`return self._backend._ffi.buffer(buf, _ED25519_KEY_SIZE)[:]`