首頁 探索 說明
登入
panwang
/
exporter-ex
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: a424e1f58a
分支列表 標籤列表
exporter-ex
/
venv
/
lib
/
python3.7
/
site-packages
/
cryptography
/
hazmat
/
backends
/
openssl
/
utils.py

utils.py 2.2 KB
文件歷史 原始文件

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. # This file is dual licensed under the terms of the Apache License, Version
    2. 

  2. # 2.0, and the BSD License. See the LICENSE file in the root of this repository
    3. 

  3. # for complete details.
    4. 

  4. 

  5. 

  6. import warnings
    7. 

  7. 

  8. from cryptography import utils
    9. 

  9. from cryptography.hazmat.primitives import hashes
    10. 

  10. from cryptography.hazmat.primitives.asymmetric.utils import Prehashed
    11. 

  11. 

  12. 

  13. def _evp_pkey_derive(backend, evp_pkey, peer_public_key):
    14. 

  14.     ctx = backend._lib.EVP_PKEY_CTX_new(evp_pkey, backend._ffi.NULL)
    15. 

  15.     backend.openssl_assert(ctx != backend._ffi.NULL)
    16. 

  16.     ctx = backend._ffi.gc(ctx, backend._lib.EVP_PKEY_CTX_free)
    17. 

  17.     res = backend._lib.EVP_PKEY_derive_init(ctx)
    18. 

  18.     backend.openssl_assert(res == 1)
    19. 

  19.     res = backend._lib.EVP_PKEY_derive_set_peer(ctx, peer_public_key._evp_pkey)
    20. 

  20.     backend.openssl_assert(res == 1)
    21. 

  21.     keylen = backend._ffi.new("size_t *")
    22. 

  22.     res = backend._lib.EVP_PKEY_derive(ctx, backend._ffi.NULL, keylen)
    23. 

  23.     backend.openssl_assert(res == 1)
    24. 

  24.     backend.openssl_assert(keylen[0] > 0)
    25. 

  25.     buf = backend._ffi.new("unsigned char[]", keylen[0])
    26. 

  26.     res = backend._lib.EVP_PKEY_derive(ctx, buf, keylen)
    27. 

  27.     if res != 1:
    28. 

  28.         raise ValueError("Null shared key derived from public/private pair.")
    29. 

  29. 

  30.     return backend._ffi.buffer(buf, keylen[0])[:]
    31. 

  31. 

  32. 

  33. def _calculate_digest_and_algorithm(backend, data, algorithm):
    34. 

  34.     if not isinstance(algorithm, Prehashed):
    35. 

  35.         hash_ctx = hashes.Hash(algorithm, backend)
    36. 

  36.         hash_ctx.update(data)
    37. 

  37.         data = hash_ctx.finalize()
    38. 

  38.     else:
    39. 

  39.         algorithm = algorithm._algorithm
    40. 

  40. 

  41.     if len(data) != algorithm.digest_size:
    42. 

  42.         raise ValueError(
    43. 

  43.             "The provided data must be the same length as the hash "
    44. 

  44.             "algorithm's digest size."
    45. 

  45.         )
    46. 

  46. 

  47.     return (data, algorithm)
    48. 

  48. 

  49. 

  50. def _check_not_prehashed(signature_algorithm):
    51. 

  51.     if isinstance(signature_algorithm, Prehashed):
    52. 

  52.         raise TypeError(
    53. 

  53.             "Prehashed is only supported in the sign and verify methods. "
    54. 

  54.             "It cannot be used with signer, verifier or "
    55. 

  55.             "recover_data_from_signature."
    56. 

  56.         )
    57. 

  57. 

  58. 

  59. def _warn_sign_verify_deprecated():
    60. 

  60.     warnings.warn(
    61. 

  61.         "signer and verifier have been deprecated. Please use sign "
    62. 

  62.         "and verify instead.",
    63. 

  63.         utils.PersistentlyDeprecated2017,
    64. 

  64.         stacklevel=3,
    65. 

  65.     )
    66.