ÿigcddlmZddlZddlZddlZddlmZmZmZm Z m Z ddl m Z ddl mZmZmZmZddlmZmZmZddlmZmZddlmZd d lmZmZmZd d lmZ Gd d e!Z"Gdde#Z$dZ%dZ&d'dZ'dZ(d(dZ)dZ*dZ+dZ,dZ-dZ.dZ/dZ0dZ1dZ2d'dZ3e4dkrddl5Z5d Z6ed!j78Z9d"Z:e5j5Z;ee?d#e5j5e;z e:z d$zd%e5j5Z;ee6zZ>e?d&e5j5e;z e:z d$zd%dSdS)))print_functionN)bordtobytestostrbchr is_string)Integer) DerObjectIdDerOctetString DerSequence DerBitString)_expand_subject_public_key_info_create_subject_public_key_info _extract_subject_public_key_info)SHA512SHAKE256)get_random_bytes)EccPoint EccXPoint_curves)CurveIDceZdZdS)UnsupportedEccFeatureN)__name__ __module__ __qualname__T/var/www/html/afkarena/venv/lib/python3.11/site-packages/Cryptodome/PublicKey/ECC.pyrr7sDrrceZdZdZdZdZdZdZdZdZ e dZ e d Z e d Z d Zd Zd ZdZdZddZdZdZdZdZdZdZdZdS)EccKeyaClass defining an ECC key. Do not instantiate directly. Use :func:`generate`, :func:`construct` or :func:`import_key` instead. :ivar curve: The **canonical** name of the curve as defined in the `ECC table`_. :vartype curve: string :ivar pointQ: an ECC point representating the public component. :vartype pointQ: :class:`EccPoint` or :class:`EccXPoint` :ivar d: A scalar that represents the private component in NIST P curves. It is smaller than the order of the generator point. :vartype d: integer :ivar seed: A seed that representats the private component in Ed22519 (32 bytes), Curve25519 (32 bytes), Curve448 (56 bytes), Ed448 (57 bytes). :vartype seed: bytes c t|}|dd}|dd|_|dd|_|dd|_||jr |jj}|rt dt|z|tvrtd|zt||_ |j j |_t|jdut|jduz}|dkr|jtd dS|d krtd |j j tjkr|jtd t!|jd krtdt#j|j}|d d|_t+|dd }|dxxdzcc<|ddzdz|d<t-j|d|_dS|j j tjkr|jtd t!|jdkrtdt3j|jd}|dd|_t+|dd}|dxxdzcc<|dxxdzcc<d|d<t-j|d|_dS|j j tjkr|jtd t!|jd krtdt+|j}|dxxdzcc<|ddzdz|d<t-j|d|_dS|j j tjkr|jtd t!|jdkrtdt+|j}|dxxdzcc<|dxxdzcc<t-j|d|_dS|jtdt-|j|_d|jcxkr|j jksntd dS)!aCreate a new ECC key Keywords: curve : string The name of the curve. d : integer Mandatory for a private key one NIST P curves. It must be in the range ``[1..order-1]``. seed : bytes Mandatory for a private key on Ed25519 (32 bytes), Curve25519 (32 bytes), Curve448 (56 bytes) or Ed448 (57 bytes). point : EccPoint or EccXPoint Mandatory for a public key. If provided for a private key, the implementation will NOT check whether it matches ``d``. Only one parameter among ``d``, ``seed`` or ``point`` may be used. curveNdseedpointUnknown parameters: zUnsupported curve (%s)rzGAt lest one between parameters 'point', 'd' or 'seed' must be specifiedz,Parameters d and seed are mutually exclusivez/Parameter d can only be used with NIST P curves z0Parameter seed must be 32 bytes long for Ed25519@little byteorder9z.Parameter seed must be 57 bytes long for Ed448r78z3Parameter seed must be 32 bytes long for Curve25519z1Parameter seed must be 56 bytes long for Curve448z2Parameter 'seed' cannot be used with NIST P-curvesrz;Parameter d must be an integer smaller than the curve order)dictpop_d_seed_pointr$ TypeErrorstrr ValueError_curve canonicalintid_CurveIDED25519lenrnewdigest_prefix bytearrayr from_bytesED448rread CURVE25519CURVE448order)selfkwargskwargs_ curve_namecount seed_hashtmps r __init__zEccKey.__init__Qs&v,,[[$// ++c4(([[.. kk'400  $+ *J  C2S\\ABB B W $ $5 BCC Cj) [* DG4'((3tz/E+F+FF A::{" !jkkk F A::KLL L ;>X- - -w" !RSSS4:"$$ !STTT 4:..5577I$RSS>DLIcrcN++C FFFdNFFF2w~-CG(AAADGGG [^x~ - -w" !RSSS4:"$$ !QRRR TZ0055c::I$RSS>DLIcrcN++C FFFdNFFF GGGtOGGGCG(AAADGGG [^x2 2 2w" !RSSS4:"$$ !VWWWDJ''C FFFdNFFF2w~-CG(AAADGGG [^x0 0 0w" !RSSS4:"$$ !TUUUDJ''C FFFdNFFF GGGtOGGG(AAADGGGz% !UVVVdg&&DG3333$+"33333 !^___43rct|tsdS||krdS|j|jkS)NF) isinstancer" has_privatepointQ)rQothers r __eq__z EccKey.__eq__sP%(( 5     $"2"2"4"4 4 45|t{**rc|rN|jjr*dtt j|jz}ndt|jz}nd}|jj tj tj fvr|j j}d|jj||fz}n"|j j\}}d|jj|||fz}|S)Nz , seed=%sz, d=%dz EccKey(curve='%s', point_x=%d%s)z,EccKey(curve='%s', point_x=%d, point_y=%d%s))r[r@ is_edwardsrbinasciihexlifyr;rBr:rCrDrNrOr\xrAxy)rQextrardresultys r __repr__zEccKey.__repr__s      {% 0#eH,h1&/1 1 1 A74;;PRSUZ:[[FF;>DAqCt{G\^_abdiFjjF rc|jduS)zJ``True`` if this key can be used for making signatures or decrypting data.N)r:rQs r r[zEccKey.has_privateswd""rcd|cxkr|jjksnJ|jj}tjd|}|j|z}||z|}|jj|zj|z}|||z||zzz|z}||fS)Nrr) min_inclusive max_exclusive)r@rPr random_ranger:inverseGrd) rQzkrPblindblind_d inv_blind_krss r _signz EccKey._signs1((((t{((((((( !$138:::'E/qy))%00 []Q  !E ) 519w{2 3e ;1v rc|jj}|d|}|jj||z|zz}|j||dz|zz}||zj|dkS)Nrr)r@rPrprqr\rd)rQrrrsrPsinvpoint1point2s r _verifyzEccKey._verifysg !!u}}U##4!8u"451 67"be++rcV|std|jSNzThis is not a private ECC key)r[r?r:rks r r%zEccKey.ds,!! ><== =wrcV|std|jSr)r[r?r;rks r r&z EccKey.seeds-!! ><== =zrcP|j|jj|jz|_|jSN)r<r@rqr:rks r r\z EccKey.pointQs$ ; +-$'1DK{rcBt|jj|jS)z^A matching ECC public key. Returns: a new :class:`EccKey` object )r$r')r"r@rAr\rks r public_keyzEccKey.public_keysDK1EEEErc|jjstd|j}|rF|jjrd}nd}||jj|z}nBd|jj|z|jj|z}|S)Nz/SEC1 format is only supported for NIST P curves) r@is_weierstrassr?r\ size_in_bytesrhis_oddrdto_bytes)rQcompress modulus_bytes first_byters r _export_SEC1zEccKey._export_SEC1s{) PNOO O 1133  A{}##%% %$ $ $+-00??@JJ"+-00??@+-00??@Jrc|jj\}}|jjtjkr9t |dd}|dzdz|dz|d<nY|jjtjkr0t |dd}|dzdz|d<ntd t|S) Nr*r/r0rr,r2r7zNot an EdDSA key to export) r\rer@rCrDrErJrrLr?bytes)rQrdrhrgs r _export_eddsa_publiczEccKey._export_eddsa_public s{~1 ;>X- - -qzz"zAABBFq5Q,&*4F2JJ [^x~ - -qzz"zAABBFa%AF2JJ9:: :V}}rc|jjstd|jj}|j}t ||d}t|S)NzNot a Montgomery key to exportr/r0) r@ is_montgomeryr?r\rdrrJrr)rQrd field_sizergs r _export_montgomery_publicz EccKey._export_montgomery_public,sc{( ?=>> > KM[..00 1::jH:EEFFV}}rc@|jjr#|jj}|}d}n_|jjr#|jj}|}d}n0d}||}t|jj}t|||S)N1.2.840.10045.2.1) r@raoidrrrrr r)rQrrrparamss r _export_subjectPublicKeyInfoz#EccKey._export_subjectPublicKeyInfo4s ; ! 2+/C2244JFF [ & 2+/C7799JFF%C**844J 11F.s/9/577 7rTc|sJ|j}d|jj|z|jj|z}dt |j|t|j j dt|dg}|s|d=t| S)Nrrrexplicitr))r[r\rrdrrhr r%r r@rr r encode)rQinclude_ec_paramsrrseqs r _export_rfc5915_private_derz"EccKey._export_rfc5915_private_derFs!!!!! 1133 km,,];;<km,,];;< dfoom<<==4;?Q777J3335 ! A3&&(((rc `ddlm}|ddd|vrtd|j5|jj}t|j}d}n1d}| d}t|jj}|j ||fd |i|}|S) NrPKCS8 passphrase protectionz3At least the 'protection' parameter must be presentrF)r key_params) Cryptodome.IOrgetr?r;r@rr rrr wrap)rQrRrr private_keyrrgs r _export_pkcs8zEccKey._export_pkcs8as'''''' ::lD ) ) 5,f:T:TRSS S : !+/C(44;;==KFF%C::U:SSK 11FK&&'-&%&& rcdddlm}||}||dS)NrPEMz PUBLIC KEY)rrrr)rQrr encoded_ders r _export_public_pemzEccKey._export_public_pemvs;%%%%%%77AA zz+|444rc Vddlm}|}|j|d|fi|S)NrrzEC PRIVATE KEY)rrrrrQrrRrrs r _export_private_pemzEccKey._export_private_pem|sD%%%%%%6688 sz+'7NNvNNNrcbddlm}|}||dS)Nrrz PRIVATE KEY)rrrr)rQrrs r (_export_private_clear_pkcs8_in_clear_pemz/EccKey._export_private_clear_pkcs8_in_clear_pems9%%%%%%((** zz+}555rc ddlm}|sJd|vrtd|jdd|i|}||dS)Nrrrz5At least the 'protection' parameter should be presentrzENCRYPTED PRIVATE KEYr)rrr?rrrs r ,_export_private_encrypted_pkcs8_in_clear_pemz3EccKey._export_private_encrypted_pkcs8_in_clear_pemsl%%%%%% v % %TUU U(d(IIJI&II zz+'>???rc`|rtd|jj}|td|jz|dkr3|}t |t |f}n|j}|rQd|jj z}t||jj |z}nBd|jj |z|jj |z}|dd}t |t ||f}dd|D}|d zt!t#j|zS) Nz"Cannot export OpenSSH private keysz Cannot export %s keys as OpenSSH ssh-ed25519r)r-rcXg|]'}tjdt||z(S)>I)structpackrF).0rds r z*EccKey._export_openssh..s/FFF1T3q6622Q6FFFr )r[r?r@opensshr$rrr\rrhrrrdrsplitjoinrrb b2a_base64) rQrdescrcompsrrmiddleblobs r _export_opensshzEccKey._export_opensshs      CABB B{" <?$*LMM M ] " "2244JT]]GJ$7$78EE K5577M E!5!5!7!77 ":.."km44]CCD &"km44]CCD"km44]CCD ZZ__Q'FT]]GFOOZ@ExxFFFFFGGczE("5d";";<<<`. It is recommended to use ``'PBKDF2WithHMAC-SHA512AndAES128-CBC'``. compress (boolean): If ``True``, the method returns a more compact representation of the public key, with the X-coordinate only. If ``False`` (default), the method returns the full public key. This parameter is ignored for Ed25519/Ed448/Curve25519/Curve448, as compression is mandatory. prot_params (dict): When a private key is exported with password-protection and PKCS#8 (both ``DER`` and ``PEM`` formats), this dictionary contains the parameters to use to derive the encryption key from the passphrase. For all possible values, refer to :ref:`the encryption parameters of PKCS#8`. The recommendation is to use ``{'iteration_count':21000}`` for PBKDF2, and ``{'iteration_count':131072}`` for scrypt. .. warning:: If you don't provide a passphrase, the private key will be exported in the clear! .. note:: When exporting a private key with password-protection and `PKCS#8`_ (both ``DER`` and ``PEM`` formats), any extra parameters to ``export_key()`` will be passed to :mod:`Cryptodome.IO.PKCS8`. .. _PEM: http://www.ietf.org/rfc/rfc1421.txt .. _`PEM encryption`: http://www.ietf.org/rfc/rfc1423.txt .. _OpenSSH: http://www.openssh.com/txt/rfc5656.txt .. _RFC5480: https://tools.ietf.org/html/rfc5480 .. _SEC1: https://www.secg.org/sec1-v2.pdf .. _RFC7748: https://tools.ietf.org/html/rfc7748 Returns: A multi-line string (for ``'PEM'`` and ``'OpenSSH'``) or ``bytes`` (for ``'DER'``, ``'SEC1'``, and ``'raw'``) with the encoded key. format)rDEROpenSSHSEC1rawzUnknown format '%s'rFrNzEmpty passphrase use_pkcs8Tz%'pkcs8' must be True for EdDSA curvesz#'pkcs8' must be True for Curve25519rz)'protection' is only supported for PKCS#8rrz8Private keys can only be encrpyted with DER using PKCS#8z2Private keys cannot be exported in the '%s' formatzUnexpected parameters: '%s'rrr)copyr9r?r[rrr@rarrrrrrrrrrrr)rQrRargs ext_formatrrrs r export_keyzEccKey.export_keyst{{}}XXh'' E E E2Z?@@ @88J..     4 6,55J$$ 9$Z00 !9$%7888d33IE!!;)N$%LMMM;,L$%JKKK4''$%PQQQU""H!OPtPQ[dd_cddd#LLNNN343JGG$GGGu$$aia$%_```>-4-LLLtLLL;;=== "68B"CDDD G !>!EFFFU""..x888u$$88BBBv%%((222u$$;)744666[.799;;;,,X666++H555rN)T)rrr__doc__rXr^rir[ryrpropertyr%r&r\rrrrrrrrrrrrrrrr r"r";s*``````D+++"###   ,,,X X X FFF8   777$))))6*555 OOO 666 @@@===:U6U6U6U6U6rr"c |d}t|}|dt}|rtdt |zt|jt jkr|d}t||}n.t|jt j kr|d}t||}nt|jt j krB|d}t||}t| |j nt|jt j krB|d}t||}t| |j n-tjd|j| }t|| }|S) a5Generate a new private key on the given curve. Args: curve (string): Mandatory. It must be a curve name defined in the `ECC table`_. randfunc (callable): Optional. The RNG to read randomness from. If ``None``, :func:`Cryptodome.Random.get_random_bytes` is used. r$randfuncr(r*r$r&r2r7r)rmrnr)r$r%)r9rrr=r>rCrDrEr"rLrNvalidater\rOr rorP)rRrTr$rr&new_keyr%s r generaterFsG$$J J Ezz*&677H >.V<===z!111x||z555   8> 1 1x||z555   8#6 6 6x||z555 $$W^4444   8#4 4 4x||z555 $$W^4444  q/4{*2 4 4 4zQ/// Nrc |d}t|}|dd}|dd}d|vrtd|jtjkr<|t |||d<tdi|}||j n|jtj kr<|t |||d<tdi|}||j nid||fvrt||||d<tdi|}| r/d|vr+|j |jz}|j||fkrt!d|S) aBuild a new ECC key (private or public) starting from some base components. In most cases, you will already have an existing key which you can read in with :func:`import_key` instead of this function. Args: curve (string): Mandatory. The name of the elliptic curve, as defined in the `ECC table`_. d (integer): Mandatory for a private key and a NIST P-curve (e.g., P-256). It must be an integer in the range ``[1..order-1]``. seed (bytes): Mandatory for a private key and curves Ed25519 (32 bytes), Curve25519 (32 bytes), Curve448 (56 bytes) and Ed448 (57 bytes). point_x (integer): The X coordinate (affine) of the ECC point. Mandatory for a public key. point_y (integer): The Y coordinate (affine) of the ECC point. Mandatory for a public key, except for Curve25519 and Curve448. Returns: :class:`EccKey` : a new ECC key object r$point_xNpoint_yr'zUnknown keyword: pointz(Private and public ECC keys do not matchr)rr9r=rCrDrNrr"rr\rOrr[rqr%rer?)rRrTr$rrrpub_keys r constructrpsBJ J EjjD))GjjD))G&0111 x8&&&  '<#;<J %&CD"$?@H  k LDsJKK K :# ,,V44:II : : :899 9 :"(i@@@@  .8o+ +  OG#MNN N&&x001AZ@@@@ ,4SM) )  OG#MNN N ! !( + +*5555$$=$CDDDs &A<<Bct|d}|ddkrtdt|dj}d}|t |kr^ t d||j}|||krtd|}|dz }n#t$rYnwxYw|td tj D]\}}|j |krntd |z|j } t || krtd dx} } |t |krn td||j} t| | } | jj} | jj} |dz }n#t$rYnwxYwt'j|}t+||| | S)Nr)rr) nr_elementsrrz!Incorrect ECC private key versionr)rzCurve mismatchzNo curve foundrzPrivate key is too smallr)r$r%rr)r rr?r payloadrFr rrrrrrrr rr\rdrhr rKr)rrrec_private_key scalar_bytes next_element parametersrTr$rrrpublic_key_encrr%s r _import_rfc5915_derr2sQ!]]))'y)IINaA<===!##**>!+<==ELLc.)))) $a00077|8TUU[J$y)@)@ !1222"I A LL    D )***$]__SS E 9 ! ! E "$$E $QRRRG))++M <M))3444Ggc.)))) )1555<<^L=YZZ`N+NiPPPJ ')G ')G A LL    D  <((A :GW M M MMs&A C CC:AG G$#G$cZddlm}|||\}}}d}ddd}ddd }||vr7t|j} t ||| S||vrP|td d} t|j } t||| S||vr[||} |td | zd} t|j } t||| Std |z)Nrrrrrrrrrz.EdDSA ECC private key must not have parametersrz+%s ECC private key must not have parametersz!Unsupported ECC purpose (OID: %s)) rrunwrapr rrrr?r rrr) rrralgo_oidrrr r r rr&rTs r _import_pkcs8rmst######$)LL*$E$E!Hk6K !J $!H ;MM((006 "; IFFF Z    MNN N &&{33;z(3$???? X  h'  J'()) ) &&{33;x1====#$G($RSSSrc>t|}t|Sr)rr)rrRsp_infos r _import_x509_certrs.w77G ' 0 00rc t||S#t$r}|d}~wtttf$rYnwxYw t ||S#t$r}|d}~wtttf$rYnwxYw t ||S#t$r}|d}~wtttf$rYnwxYw t||S#t$r}|d}~wtttf$rYnwxYwtd)NzNot an ECC DER key)rrr?r= IndexErrorrrr)rrerrs r _import_derr#so +GZ@@@   : .       *555   : .      "7J777   : .      Wj111   : .      ) * **sm ;;;A A8AA87A8<B B5BB54B59C C2CC21C2cj|d}t|dvrtd tj|d}g}t|dkrct jd|ddd}||dd|z|d|zd}t|dkc|d|dkrtd|dd rtj D]c\}}|j  |j d s(t|j d d }|d|krndtd |zt|d |j}nO|ddkr+t|d\} } t!d| | }ntd|dzn8#t"t$tjf$rtd|dzwxYw|S)N rzNot an openssh public keyrrrrzMismatch in openssh public key ecdsa-sha2- ecdsa-sha2rr)zUnsupported ECC curve: r ssh-ed25519rrzUnsupported SSH key type: zError parsing SSH key type: )rrFr?rb a2b_base64runpackappend startswithrrrrrrrrr!r=Error) rparts keystringkeypartslkrTr$recc_keyrdrhs r _import_openssh_publicr3sO MM$  E 5zz4555$D'a11 )nnq  tYrr]33A6B OOIaBh/ 0 0 0!!b&''*I)nnq  8x{ " "=>> > 8  ~ . . F%,]__ E E! E=(}// == !4!4S!9!9!!<==A;&((E)!!:V!CDDD(! JJJGG1X ' '-hqk::DAqiAFFFGG9E!HDEE E  8> 2DDD7%(BCCCD Ns GG;;5H0cddlm}m}m}m}|||\}}ddt dfi}|dr||\} }| tvrtd| zt| } | j dzd z} ||\} }t| d d krtd t| d | zdzkrtdtj| dd| z} tj| d| zd}||\}}tj|}|| d}n\||vrF||\}}}||\} }|| \} }||\}}|d|}||d}ntd|z||\}}||td| |d|S)Nr)import_openssh_private_generic read_bytes read_string check_paddingrrr*r'zUnsupported ECC curve %srrrz/Only uncompressed OpenSSH EC keys are supportedr)zIncorrect public key length)r%r$)r&r$zUnsupport SSH agent key type:)rrr)_opensshr5r6r7r8rr,rr modulus_bitsrr?rFr rKr)datapasswordr5r6r7r8key_type decrypted eddsa_keysecdsa_curve_namer$rrrrrr%rrTr seed_lenprivate_public_keyr&_paddeds r _import_openssh_private_eccrFsCCCCCCCCCCCC98xHHHi  #=rBJ <((#E&1k)&<&<#) 7 * *'(BEU(UVV V()+a/A5 * 9 5 5 I  1  ! # #NOO O z??a-/!3 3 3:;; ;$Z!M/0A%BCC$Z-0@0@%ABB!+I!6!6 Y  { + +#344 Z  8B88L5 +X * 9 5 5 I22:>>(2 9(=(=%I!)8),4488CDDD I&&IAvM&  @Wg @ @ @ @@rc t|dkrtdtd}d}t|}|ddz }|dxxdzcc<tj|d }||krtd |d krd S|d zd z |z}|d z|z|zd z|z} ||}||z|z} tj| |} | d z|kr|| z } n#t$rtdwxYw| |fS)aiImport an Ed25519 ECC public key, encoded as raw bytes as described in RFC8032_. Args: encoded (bytes): The Ed25519 public key to import. It must be 32 bytes long. Returns: x and y (integer) Raises: ValueError: when the given key cannot be parsed. .. _RFC8032: https://datatracker.ietf.org/doc/html/rfc8032 r*z9Incorrect length. Only Ed25519 public keys are supported.llx&(7Z/ ;(P8se:8 w6Rr,rr-r/r0zInvalid Ed25519 key (y)rrrr)zInvalid Ed25519 public key)rFr?r rJrKrp_tonelli_shanks rrr%rhx_lsbruvv_invx2rs r rr!sP" 7||rTUUURSSAUA'A bEQJEbEEETMEEE h777G!||2333!||t !a1A 1*q.A  !Q&A7 ! %i1_)"a00 aKE ! !'kG 77756667 G s .AC//D ct|dkrtdt|}|dxxdzcc<tj|d}|S)ahImport a Curve25519 ECC public key, encoded as raw bytes as described in RFC7748_. Args: encoded (bytes): The Curve25519 public key to import. It must be 32 bytes long. Returns: x (integer) Raises: ValueError: when the given key cannot be parsed. .. _RFC7748: https://datatracker.ietf.org/doc/html/rfc7748 r*zIncorrect Curve25519 key lengthr,r-r/r0)rFr?rJr rK)rrdrs r rrNs`" 7||r:;;;'AbEEETMEEE h777G Nrcvt|dkrtdtj|d}|S)adImport a Curve448 ECC public key, encoded as raw bytes as described in RFC7748_. Args: encoded (bytes): The Curve448 public key to import. It must be 56 bytes long. Returns: x (integer) Raises: ValueError: when the given key cannot be parsed. .. _RFC7748: https://datatracker.ietf.org/doc/html/rfc7748 r7zIncorrect Curve448 key lengthr/r0)rFr?r rK)rrs r rrjs>" 7||r8999 H===G Nrct|dkrtdtdj}|dz }|dd}t |ddz }t j|d }||krtd |d krd S|d zd z |z}|d z|z|zd z |z} ||}||z|z} t j| |} | d z|kr|| z } n#t$rtdwxYw| |fS)agImport an Ed448 ECC public key, encoded as raw bytes as described in RFC8032_. Args: encoded (bytes): The Ed448 public key to import. It must be 57 bytes long. Returns: x and y (integer) Raises: ValueError: when the given key cannot be parsed. .. _RFC8032: https://datatracker.ietf.org/doc/html/rfc8032 r2z7Incorrect length. Only Ed448 public keys are supported.curve448iNr7rr/r0zInvalid Ed448 key (y)rrHr)zInvalid Ed448 public key) rFr?rrrr rKrprIrJs r rrsG" 7||rRSSS A E A A    "E h777G!||0111!||t !a1A 1*q.A  !Q&A5 ! %i1_)"a00 aKE ! !'kG 55534445 G s ,AC--Dcddlm}t|}|t|}|dr;t |}|||\}}}t ||}|S|drt |}d} d} tj| dz| zd |tj }|||\} }}|rd} t| |}n,#t$r} | d} ~ wt$rtd wxYw|S|d rt|St|dkr)t|dd krt||St|dkr9t|ddvr"|tdt!||Std)a Import an ECC key (public or private). Args: encoded (bytes or multi-line string): The ECC key to import. The function will try to automatically detect the right format. Supported formats for an ECC **public** key: * X.509 certificate: binary (DER) or ASCII (PEM). * X.509 ``subjectPublicKeyInfo``: binary (DER) or ASCII (PEM). * SEC1_ (or X9.62), as ``bytes``. NIST P curves only. You must also provide the ``curve_name`` (with a value from the `ECC table`_) * OpenSSH line, defined in RFC5656_ and RFC8709_ (ASCII). This is normally the content of files like ``~/.ssh/id_ecdsa.pub``. Supported formats for an ECC **private** key: * A binary ``ECPrivateKey`` structure, as defined in `RFC5915`_ (DER). NIST P curves only. * A `PKCS#8`_ structure (or the more recent Asymmetric Key Package, RFC5958_): binary (DER) or ASCII (PEM). * `OpenSSH 6.5`_ and newer versions (ASCII). Private keys can be in the clear or password-protected. For details about the PEM encoding, see `RFC1421`_/`RFC1423`_. passphrase (byte string): The passphrase to use for decrypting a private key. Encryption may be applied protected at the PEM level (not recommended) or at the PKCS#8 level (recommended). This parameter is ignored if the key in input is not encrypted. curve_name (string): For a SEC1 encoding only. This is the name of the curve, as defined in the `ECC table`_. .. note:: To import EdDSA private and public keys, when encoded as raw ``bytes``, use: * :func:`Cryptodome.Signature.eddsa.import_public_key`, or * :func:`Cryptodome.Signature.eddsa.import_private_key`. .. note:: To import X25519/X448 private and public keys, when encoded as raw ``bytes``, use: * :func:`Cryptodome.Protocol.DH.import_x25519_public_key` * :func:`Cryptodome.Protocol.DH.import_x25519_private_key` * :func:`Cryptodome.Protocol.DH.import_x448_public_key` * :func:`Cryptodome.Protocol.DH.import_x448_private_key` Returns: :class:`EccKey` : a new ECC key object Raises: ValueError: when the given key cannot be parsed (possibly because the pass phrase is wrong). .. _RFC1421: https://datatracker.ietf.org/doc/html/rfc1421 .. _RFC1423: https://datatracker.ietf.org/doc/html/rfc1423 .. _RFC5915: https://datatracker.ietf.org/doc/html/rfc5915 .. _RFC5656: https://datatracker.ietf.org/doc/html/rfc5656 .. _RFC8709: https://datatracker.ietf.org/doc/html/rfc8709 .. _RFC5958: https://datatracker.ietf.org/doc/html/rfc5958 .. _`PKCS#8`: https://datatracker.ietf.org/doc/html/rfc5208 .. _`OpenSSH 6.5`: https://flak.tedunangst.com/post/new-openssh-key-format-and-bcrypt-pbkdf .. _SEC1: https://www.secg.org/sec1-v2.pdf rrNs-----BEGIN OPENSSH PRIVATE KEYs-----z-----BEGIN EC PARAMETERS-----z-----END EC PARAMETERS-----z.*?r`)flagsz(Invalid DER encoding inside the PEM file)r&r(0rzNo curve name was provided)rTzECC key format is not supported)rrrr,rrrFresubDOTALLr#rr?r3rFrr) rrrTr text_encodedopenssh_encodedmarkerenc_flagrgecparams_start ecparams_end der_encodeduefs r import_keyrbs1R"!!!!!gGZ(( ;<<W~~ ,/JJ|Z,P,P),_jII   H % %W~~ 94 vnu4|CR*$&I/// ), <(L(L% VX  J I j99FF$   I I I IGHH H I :;;/%g... 7||aD,,447J/// 7||aD,,0BBB  9:: :!'jAAAA 6 7 77s&C77 D DD __main__l_,)N$c hKf-5lkrss>&%%%%% KKKKKKKKKKKKKK++++++,,,,,,,,,,,,@@@@@@@@@@-,,,,,,,......0000000000''''''     J   H6H6H6H6H6VH6H6H6V'''TDDDN5>5>5>5>p@E@E@EF8N8N8N8Nv%T%T%TP111 +++B+++\4A4A4An***Z82)))X{8{8{8{8| zKKKJA FO  " " $ $E E DIKKE U5\\ E+  e+u4t;TBBB DIKKE U5\\! E #idikkE&9U%BT%I4PPPPP#r