Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€

Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€ - Ð ÐµÐ´Ð°ÐºÑ‚Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ - /opt/imh-python/lib/python3.9/site-packages/Cryptodome/Signature/__pycache__/DSS.cpython-39.pyc

ÐÐ°Ð·Ð°Ð´
a ��b�h�;��@��s��d�gZ�ddlmZ�ddlmZ�ddlmZ�ddlmZ�ddl m Z �G�dd��de�ZG�d d ��d e�Z G�dd��de�ZG�d d��de�Zddd��ZdS�)�new��)�DerSequence)� long_to_bytes)�Integer)�HMAC)�EccKeyc��@��s@��e�Zd�ZdZdd��Zdd��Zdd��Zdd ��Zd d��Zdd ��Z dS�)�DssSigSchemezoA (EC)DSA signature object. Do not instantiate directly. Use :func:`Cryptodome.Signature.DSS.new`. c��C��s6��\|\|�_�\|\|�_\|\|�_\|�j��\|�_\|�jd�d�d�\|�_dS�)z�Create a new Digital Signature Standard (DSS) object. Do not instantiate this object directly, use `Cryptodome.Signature.DSS.new` instead. ��N)�_key� _encoding�_order�size_in_bits�_order_bits�_order_bytes)�self�key�encoding�order��r��/root/rpmbuild/BUILDROOT/imh-python39-modules-3.9.7-92.el8.x86_64/opt/imh-python/lib/python3.9/site-packages/Cryptodome/Signature/DSS.py�__init__3��s ��zDssSigScheme.__init__c��C��s ��\|�j��S�)zRReturn ``True`` if this signature object can be used for signing messages.)r��has_private�r��r��r��r��can_signA��s��zDssSigScheme.can_signc��C��s��t�d��d�S��NzTo be provided by subclasses��NotImplementedError�r��msg_hashr��r��r��_compute_nonceG��s��zDssSigScheme._compute_noncec��C��s��t�d��d�S�r��r��r��r��r��r��_valid_hashJ��s��zDssSigScheme._valid_hashc��sv��\|�std��\|�}t�\|��d��j��}��j�\|\|�}��j dkrfd� ��fdd�\|D��}nt\|��}\|S�)a��Produce the DSA/ECDSA signature of a message. :parameter msg_hash: The hash that was carried out over the message. The object belongs to the :mod:`Cryptodome.Hash` package. Under mode 'fips-186-3', the hash must be a FIPS approved secure hash (SHA-1 or a member of the SHA-2 family), of cryptographic strength appropriate for the DSA key. For instance, a 3072/256 DSA key can only be used in combination with SHA-512. :type msg_hash: hash object :return: The signature as a byte string :raise ValueError: if the hash algorithm is incompatible to the (EC)DSA key :raise TypeError: if the (EC)DSA key has no private half �Hash is not sufficiently strongN�binary��c��s��g�\|�]}t�\|��j��qS�r��)r��r��.0�xr��r��r�� <listcomp>l��s��z%DssSigScheme.sign.<locals>.<listcomp>) r!�� ValueErrorr ��r�� from_bytes�digestr��r��Z_signr��joinr��encode)r��r��nonce�zZsig_pair�outputr��r��r��signM��s�� zDssSigScheme.signc�� C��sH��\|��\|�std��\|�jdkrbt\|�d\|�j�kr6td��dd��\|d\|�j��\|\|�jd��fD��\}}njzt��j\|dd �}W�n�ttfy��td ��Y�n0�t\|�dks�\|��s�td��t \|d��t \|d ��}}d\|��k�r�\|�j k��rn�nd\|��k��r\|�j k��sn�td��t �\|��d\|�j��}\|�j �\|\|\|f�}\|�sDtd��dS�)a��Check if a certain (EC)DSA signature is authentic. :parameter msg_hash: The hash that was carried out over the message. This is an object belonging to the :mod:`Cryptodome.Hash` module. Under mode 'fips-186-3', the hash must be a FIPS approved secure hash (SHA-1 or a member of the SHA-2 family), of cryptographic strength appropriate for the DSA key. For instance, a 3072/256 DSA key can only be used in combination with SHA-512. :type msg_hash: hash object :parameter signature: The signature that needs to be validated :type signature: byte string :raise ValueError: if the signature is not authentic r"��r#��z'The signature is not authentic (length)c��S��s��g�\|�]}t��\|��qS�r��)r��r��r%��r��r��r��r(��s��z'DssSigScheme.verify.<locals>.<listcomp>NT)�strictz$The signature is not authentic (DER)z,The signature is not authentic (DER content)r��r ��z"The signature is not authentic (d)zThe signature is not authenticF)r!��r)��r��lenr��r��decode� IndexErrorZhasOnlyIntsr��r ��r��r+��r��Z_verify)r��r�� signatureZr_primeZs_primeZder_seqr/��resultr��r��r��verify{��s0�� 8zDssSigScheme.verifyN) �__name__� __module__�__qualname__�__doc__r��r��r ��r!��r1��r9��r��r��r��r��r��-��s��.r��c��sD��e�Zd�Z��fdd�Zdd��Zdd��Zdd��Zd d ��Zdd��Z��Z S�) �DeterministicDsaSigSchemec��s��t�t\|��\|\|\|��\|\|�_d�S��N)�superr>��r��_private_key)r��r��r��r��private_key�� __class__r��r��r��s��z"DeterministicDsaSigScheme.__init__c��C��s8��t��\|�}\|�j��}t\|�d�}\|\|kr4\|\|\|�L�}\|S�)zSee 2.3.2 in RFC6979r ��)r��r��r ��r��r4��)r��bstrr8��Zq_lenZb_lenr��r��r�� _bits2int��s�� z#DeterministicDsaSigScheme._bits2intc��C��s(��d\|��k�r\|�j�k�sn�J��t\|\|�j�S�)zSee 2.3.3 in RFC6979r��)r ��r��r��)r��Z int_mod_qr��r��r��_int2octets��s��z%DeterministicDsaSigScheme._int2octetsc��C��s.��\|��\|�}\|\|�jk�r\|}n \|\|�j�}\|��\|�S�)zSee 2.3.4 in RFC6979)rF��r ��rG��)r��rE��Zz1Zz2r��r��r��_bits2octets��s �� z&DeterministicDsaSigScheme._bits2octetsc��C��s��\|��}d\|j�}d\|j�}dD�]B}t�\|\|\|�\|��\|�j��\|��\|��\|��}t�\|\|\|��}q d}d\|��k�r~\|�jk�s�n�\|dkr�t�\|\|d�\|��}t�\|\|\|��}d}t\|�\|�j k�r�t�\|\|\|��}\|\|7�}q�\|�� \|�}qh\|S�)z!Generate k in a deterministic way��)rJ��rI��r��r$��)r+��digest_sizer��r��rG��rA��rH��r ��r4��r��rF��)r��ZmhashZh1Zmask_vZnonce_kZint_octr.��Zmask_tr��r��r��r ��s4�� z(DeterministicDsaSigScheme._compute_noncec��C��s��dS�)NTr��r��r��r��r��r!��s��z%DeterministicDsaSigScheme._valid_hash) r:��r;��r<��r��rF��rG��rH��r ��r!�� __classcell__r��r��rC��r��r>��s�� (r>��c��s0��e�Zd�ZdZ��fdd�Zdd��Zdd��Z��ZS�)�FipsDsaSigScheme))i��)��)rP��)i��rR��c��sR��t�t\|��\|\|\|��\|\|�_t\|j��}\|\|�jf\|�jvrNd\|\|�jf�}t \|��d�S�)Nz+L/N (%d, %d) is not compliant to FIPS 186-3) r@��rN��r�� _randfuncr��pr��r��_fips_186_3_L_Nr)��)r��r��r��r��randfunc�L�errorrC��r��r��r��s��zFipsDsaSigScheme.__init__c��C��s��t�jd\|�j\|�jd�S��Nr ��)Z min_inclusiveZ max_exclusiverV��)r��random_ranger ��rS��r��r��r��r��r ��s��zFipsDsaSigScheme._compute_noncec��C��s��\|j�dkp\|j��d�S�)zVerify that SHA-1, SHA-2 or SHA-3 are usedz 1.3.14.3.2.26z2.16.840.1.101.3.4.2.)�oid� startswithr��r��r��r��r!��s�� zFipsDsaSigScheme._valid_hash)r:��r;��r<��rU��r��r ��r!��rM��r��r��rC��r��rN��s�� rN��c��s,��e�Zd�Z��fdd�Zdd��Zdd��Z��ZS�)�FipsEcDsaSigSchemec��s��t�t\|��\|\|\|��\|\|�_d�S�r?��)r@��r]��r��rS��)r��r��r��r��rV��rC��r��r��r��s��zFipsEcDsaSigScheme.__init__c��C��s��t�jd\|�jjj\|�jd�S�rY��)r��rZ��r��_curver��rS��r��r��r��r��r ��#��s��z!FipsEcDsaSigScheme._compute_noncec��C��sJ��\|�j�j��}d}d}d}\|j\|v�r\|dkS�\|j\|v�r<\|dkS�\|j\|v�S�dS�)z�Verify that SHA-[23] (256\|384\|512) bits are used to match the security of P-256 (128 bits), P-384 (192 bits) or P-521 (256 bits))z2.16.840.1.101.3.4.2.1z2.16.840.1.101.3.4.2.8)z2.16.840.1.101.3.4.2.2z2.16.840.1.101.3.4.2.9)z2.16.840.1.101.3.4.2.3z2.16.840.1.101.3.4.2.10rR��i��N)r��ZpointQr��r[��)r��r��Zmodulus_bits�sha256�sha384�sha512r��r��r��r!��(��s�� zFipsEcDsaSigScheme._valid_hash)r:��r;��r<��r��r ��r!��rM��r��r��rC��r��r]��s��r]��r#��Nc��C��s��\|dvrt�d\|��t\|�t�r,\|�jj}d}nt\|�j�}d}\|��rNt\|�\|�}nd}\|dkrht \|�\|\|\|�S�\|dkr�t\|�t�r�t \|�\|\|\|�S�t\|�\|\|\|�S�nt�d\|��dS�) a� ��Create a signature object :class:`DSS_SigScheme` that can perform (EC)DSA signature or verification. .. note:: Refer to `NIST SP 800 Part 1 Rev 4`_ (or newer release) for an overview of the recommended key lengths. :parameter key: The key to use for computing the signature (private* keys only) or verifying one: it must be either :class:`Cryptodome.PublicKey.DSA` or :class:`Cryptodome.PublicKey.ECC`. For DSA keys, let ``L`` and ``N`` be the bit lengths of the modulus ``p`` and of ``q``: the pair ``(L,N)`` must appear in the following list, in compliance to section 4.2 of `FIPS 186-4`_: - (1024, 160) legacy only; do not create new signatures with this - (2048, 224) deprecated; do not create new signatures with this - (2048, 256) - (3072, 256) For ECC, only keys over P-256, P384, and P-521 are accepted. :type key: a key object :parameter mode: The parameter can take these values: - 'fips-186-3'. The signature generation is randomized and carried out according to `FIPS 186-3`_: the nonce ``k`` is taken from the RNG. - 'deterministic-rfc6979'. The signature generation is not randomized. See RFC6979_. :type mode: string :parameter encoding: How the signature is encoded. This value determines the output of :meth:`sign` and the input to :meth:`verify`. The following values are accepted: - 'binary' (default), the signature is the raw concatenation of ``r`` and ``s``. It is defined in the IEEE P.1363 standard. For DSA, the size in bytes of the signature is ``N/4`` bytes (e.g. 64 for ``N=256``). For ECDSA, the signature is always twice the length of a point coordinate (e.g. 64 bytes for P-256). - 'der', the signature is a ASN.1 DER SEQUENCE with two INTEGERs (``r`` and ``s``). It is defined in RFC3279_. The size of the signature is variable. :type encoding: string :parameter randfunc: A function that returns random byte strings, of a given length. If omitted, the internal RNG is used. Only applicable for the 'fips-186-3' mode. :type randfunc: callable .. _FIPS 186-3: http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf .. _FIPS 186-4: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf .. _NIST SP 800 Part 1 Rev 4: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf .. _RFC6979: http://tools.ietf.org/html/rfc6979 .. _RFC3279: https://tools.ietf.org/html/rfc3279#section-2.2.2 )r#��ZderzUnknown encoding '%s'�dr'��Nzdeterministic-rfc6979z fips-186-3zUnknown DSS mode '%s')r)�� isinstancer��r^��r��r��qr��getattrr>��r]��rN��)r��moder��rV��r��Zprivate_key_attrrB��r��r��r��r��;��s"��K )r#��N)�__all__ZCryptodome.Util.asn1r��ZCryptodome.Util.numberr��ZCryptodome.Math.Numbersr��ZCryptodome.Hashr��ZCryptodome.PublicKey.ECCr��objectr��r>��rN��r]��r��r��r��r��r��<module>"��s��N"

| ver. 1.1 | | . | PHP 8.3.30 | Ð“ÐµÐ½ÐµÑ€Ð°Ñ†Ð¸Ñ ÑÑ‚Ñ€Ð°Ð½Ð¸Ñ†Ñ‹: 0 | proxy | phpinfo | ÐÐ°ÑÑ‚Ñ€Ð¾Ð¹ÐºÐ°