Inicio Explorar Axuda
Rexistro Iniciar sesión
dayuan
/
manyi
6
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: 34216f9fac
Ramas Etiquetas
manyi
/
venv
/
Lib
/
site-packages
/
cryptography
/
hazmat
/
backends
/
openssl
/
utils.py

utils.py 2.2 KB
Histórico Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. # This file is dual licensed under the terms of the Apache License, Version
    2. 

  2. # 2.0, and the BSD License. See the LICENSE file in the root of this repository
    3. 

  3. # for complete details.
    4. 

  4. 

  5. from __future__ import absolute_import, division, print_function
    6. 

  6. 

  7. import warnings
    8. 

  8. 

  9. from cryptography import utils
    10. 

  10. from cryptography.hazmat.primitives import hashes
    11. 

  11. from cryptography.hazmat.primitives.asymmetric.utils import Prehashed
    12. 

  12. 

  13. 

  14. def _evp_pkey_derive(backend, evp_pkey, peer_public_key):
    15. 

  15.     ctx = backend._lib.EVP_PKEY_CTX_new(evp_pkey, backend._ffi.NULL)
    16. 

  16.     backend.openssl_assert(ctx != backend._ffi.NULL)
    17. 

  17.     ctx = backend._ffi.gc(ctx, backend._lib.EVP_PKEY_CTX_free)
    18. 

  18.     res = backend._lib.EVP_PKEY_derive_init(ctx)
    19. 

  19.     backend.openssl_assert(res == 1)
    20. 

  20.     res = backend._lib.EVP_PKEY_derive_set_peer(ctx, peer_public_key._evp_pkey)
    21. 

  21.     backend.openssl_assert(res == 1)
    22. 

  22.     keylen = backend._ffi.new("size_t *")
    23. 

  23.     res = backend._lib.EVP_PKEY_derive(ctx, backend._ffi.NULL, keylen)
    24. 

  24.     backend.openssl_assert(res == 1)
    25. 

  25.     backend.openssl_assert(keylen[0] > 0)
    26. 

  26.     buf = backend._ffi.new("unsigned char[]", keylen[0])
    27. 

  27.     res = backend._lib.EVP_PKEY_derive(ctx, buf, keylen)
    28. 

  28.     if res != 1:
    29. 

  29.         raise ValueError("Null shared key derived from public/private pair.")
    30. 

  30. 

  31.     return backend._ffi.buffer(buf, keylen[0])[:]
    32. 

  32. 

  33. 

  34. def _calculate_digest_and_algorithm(backend, data, algorithm):
    35. 

  35.     if not isinstance(algorithm, Prehashed):
    36. 

  36.         hash_ctx = hashes.Hash(algorithm, backend)
    37. 

  37.         hash_ctx.update(data)
    38. 

  38.         data = hash_ctx.finalize()
    39. 

  39.     else:
    40. 

  40.         algorithm = algorithm._algorithm
    41. 

  41. 

  42.     if len(data) != algorithm.digest_size:
    43. 

  43.         raise ValueError(
    44. 

  44.             "The provided data must be the same length as the hash "
    45. 

  45.             "algorithm's digest size."
    46. 

  46.         )
    47. 

  47. 

  48.     return (data, algorithm)
    49. 

  49. 

  50. 

  51. def _check_not_prehashed(signature_algorithm):
    52. 

  52.     if isinstance(signature_algorithm, Prehashed):
    53. 

  53.         raise TypeError(
    54. 

  54.             "Prehashed is only supported in the sign and verify methods. "
    55. 

  55.             "It cannot be used with signer or verifier."
    56. 

  56.         )
    57. 

  57. 

  58. 

  59. def _warn_sign_verify_deprecated():
    60. 

  60.     warnings.warn(
    61. 

  61.         "signer and verifier have been deprecated. Please use sign "
    62. 

  62.         "and verify instead.",
    63. 

  63.         utils.PersistentlyDeprecated2017,
    64. 

  64.         stacklevel=3,
    65. 

  65.     )
    66.