a Me @sddlZddlmZddlmZddlmZmZddlm Z m Z ddl m Z ddl mZGdd d e ZGd d d e ZGd d d eZGdddeZdS)N)default_backend)hashes)dsautils)CryptographyPrivateKeyCryptographyPublicKey) Algorithm)DNSKEYc@s`eZdZUejed<ejZejZ e Z e e ddddZe dddZeedd d d ZdS) PublicDSAkeyN) signaturedatareturncCsJ|dd}|dd}tt|dt|d}|j|||jdS)Nbig)rZencode_dss_signatureint from_bytesr verify chosen_hash)selfr r Zsig_rZsig_sZsigr6/usr/lib/python3.9/site-packages/dns/dnssecalgs/dsa.pyrs   zPublicDSA.verify)rcCs|j}|jjddd}|dkr.tdd|d}td|}||jjdd7}||jj |d7}||jj |d7}||j |d7}|S)z,Encode a public key per RFC 2536, section 2.@zunsupported DSA key size!Br) r Zpublic_numberskey_size ValueErrorstructpackZparameter_numbersqto_bytespgy)rZpndsa_toctetsresrrrencode_key_bytess   zPublicDSA.encode_key_bytes)r rc Cs|||j}td|dd\}|dd}d|d}|dd}|dd}|d|}||d}|d|}||d}|d|}|tt|dtt|dt|dt|d t dS) Nrrrrrrrr ) Z!_ensure_algorithm_key_combinationr runpackrZDSAPublicNumbersrrZDSAParameterNumbers public_keyr) clsr Zkeyptrtr'Zdsa_qZdsa_pZdsa_gZdsa_yrrr from_dnskey(s0              zPublicDSA.from_dnskey)__name__ __module__ __qualname__rZ DSAPublicKey__annotations__key_clsrZDSA algorithmrZSHA1rbytesrr) classmethodr r/rrrrr s  r c@sJeZdZUejed<ejZeZd e e e dddZ e e ddddZd S) PrivateDSAr F)r rrc Cs|j}|jdkrtd|j||jj}t|\}}|jddd}d}t d|t j ||ddt j ||dd} |r| | || S) z1Sign using a private key per RFC 2536, section 3.izDSA key size overflowrrrrr)length byteorder)r r,rrsign public_clsrrZdecode_dss_signaturerr rr"r) rr rZpublic_dsa_keyZ der_signatureZdsa_rZdsa_sr&r'r rrrr;Gs    zPrivateDSA.sign)rrcCs|tj|ddS)N)rr*)rZgenerate_private_key)r-rrrrgenerateYs zPrivateDSA.generateN)F)r0r1r2rZ DSAPrivateKeyr3r4r r<r6boolr;r7rr=rrrrr8Bs  r8c@seZdZejZdS)PublicDSANSEC3SHA1N)r0r1r2rZ DSANSEC3SHA1r5rrrrr?`sr?c@seZdZeZdS)PrivateDSANSEC3SHA1N)r0r1r2r?r<rrrrr@dsr@)rZcryptography.hazmat.backendsrZcryptography.hazmat.primitivesrZ)cryptography.hazmat.primitives.asymmetricrrZdns.dnssecalgs.cryptographyrrZdns.dnssectypesrZdns.rdtypes.ANY.DNSKEYr r r8r?r@rrrrs    6