%PDF- %PDF-
Direktori : /usr/lib/python3/dist-packages/dns/dnssecalgs/ |
Current File : //usr/lib/python3/dist-packages/dns/dnssecalgs/eddsa.py |
from typing import Type from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import ed448, ed25519 from dns.dnssecalgs.cryptography import CryptographyPrivateKey, CryptographyPublicKey from dns.dnssectypes import Algorithm from dns.rdtypes.ANY.DNSKEY import DNSKEY class PublicEDDSA(CryptographyPublicKey): def verify(self, signature: bytes, data: bytes) -> None: self.key.verify(signature, data) def encode_key_bytes(self) -> bytes: """Encode a public key per RFC 8080, section 3.""" return self.key.public_bytes( encoding=serialization.Encoding.Raw, format=serialization.PublicFormat.Raw ) @classmethod def from_dnskey(cls, key: DNSKEY) -> "PublicEDDSA": cls._ensure_algorithm_key_combination(key) return cls( key=cls.key_cls.from_public_bytes(key.key), ) class PrivateEDDSA(CryptographyPrivateKey): public_cls: Type[PublicEDDSA] def sign(self, data: bytes, verify: bool = False) -> bytes: """Sign using a private key per RFC 8080, section 4.""" signature = self.key.sign(data) if verify: self.public_key().verify(signature, data) return signature @classmethod def generate(cls) -> "PrivateEDDSA": return cls(key=cls.key_cls.generate()) class PublicED25519(PublicEDDSA): key: ed25519.Ed25519PublicKey key_cls = ed25519.Ed25519PublicKey algorithm = Algorithm.ED25519 class PrivateED25519(PrivateEDDSA): key: ed25519.Ed25519PrivateKey key_cls = ed25519.Ed25519PrivateKey public_cls = PublicED25519 class PublicED448(PublicEDDSA): key: ed448.Ed448PublicKey key_cls = ed448.Ed448PublicKey algorithm = Algorithm.ED448 class PrivateED448(PrivateEDDSA): key: ed448.Ed448PrivateKey key_cls = ed448.Ed448PrivateKey public_cls = PublicED448