+ '(j  ^RIHt^RIt^RIt^RIt^RIHtHtHtH t H t ^RI H t ^RI HtHtHtHt^RIHtHtHt^RIHtHt^RIHt^R IHtHtHt^R IHt !R R ]!4t"!R R]#4t$Rt%Rt&R&Rlt'Rt(R'Rlt)Rt*Rt+Rt,Rt-Rt.Rt/Rt0Rt1Rt2R&Rlt3]4R8Xd^RI5t5Rt6]R ,PnPq4t9R!t:]5Pj!4t;]K ]?!R"]5Pj!4];, ]:, R#,R$4]5Pj!4t;]]6,t>K ]?!R%]5Pj!4];, ]:, R#,R$4R#R#)()print_functionN)bordtobytestostrbchr is_string)Integer) DerObjectIdDerOctetString DerSequence DerBitString)_expand_subject_public_key_info_create_subject_public_key_info _extract_subject_public_key_info)SHA512SHAKE256)get_random_bytes)EccPoint EccXPoint_curves)CurveIDc]tRt^7tRtR#)UnsupportedEccFeatureN)__name__ __module__ __qualname____firstlineno____static_attributes__rI/home/ubuntu/cf-venv/lib/python3.14/site-packages/Crypto/PublicKey/ECC.pyrr7sr rca]tRt^;toRtRtRtRtRtRt Rt ] R4t ] R 4t ] R 4tR tR tR tRtRtRRltRtRtRtRtRtRtRtRtVtR#)EccKeyaClass defining an ECC key. Do not instantiate directly. Use :func:`generate`, :func:`construct` or :func:`import_key` instead. :ivar curve: The **canonical** name of the curve as defined in the `ECC table`_. :vartype curve: string :ivar pointQ: an ECC point representing the public component. :vartype pointQ: :class:`EccPoint` or :class:`EccXPoint` :ivar d: A scalar that represents the private component in NIST P curves. It is smaller than the order of the generator point. :vartype d: integer :ivar seed: A seed that represents the private component in Ed22519 (32 bytes), Curve25519 (32 bytes), Curve448 (56 bytes), Ed448 (57 bytes). :vartype seed: bytes c \V4pVPRR4pVPRR4VnVPRR4VnVPRR4VnVf)VP'dVPP pV'd\ R\V4,4hV\9d\RV,4h\V,Vn VPPVn\VPRJ4\VPRJ4,pV^8XdVPf \R4hR#V^8Xd \R 4hVPP\P8XdVPe \R 4h\!VP4^ 8wd \R 4h\"P$!VP4P'4pVR ,Vn\+VR ,4pV^;;,^,uu&V^,^,^@,V^&\,P.!VRR7VnR#VPP\P08XdVPe \R 4h\!VP4^98wd \R4h\2P$!VP4P5^r4pVR,Vn\+VR,4pV^;;,^,uu&V^7;;,^,uu&^V^8&\,P.!VRR7VnR#VPP\P68XdVPe \R 4h\!VP4^ 8wd \R4h\+VP4pV^;;,^,uu&V^,^,^@,V^&\,P.!VRR7VnR#VPP\P88XdVPe \R 4h\!VP4^88wd \R4h\+VP4pV^;;,^,uu&V^7;;,^,uu&\,P.!VRR7VnR#VPe \R4h\-VP4Vn^VPu;8:dVPP:8gM\R4hR#)a(Create a new ECC key Keywords: curve : string The name of the curve. d : integer Mandatory for a private key one NIST P curves. It must be in the range ``[1..order-1]``. seed : bytes Mandatory for a private key on Ed25519 (32 bytes), Curve25519 (32 bytes), Curve448 (56 bytes) or Ed448 (57 bytes). point : EccPoint or EccXPoint Mandatory for a public key. If provided for a private key, the implementation will NOT check whether it matches ``d``. Only one parameter among ``d``, ``seed`` or ``point`` may be used. curveNdseedpointUnknown parameters: zUnsupported curve (%s)zGAt lest one between parameters 'point', 'd' or 'seed' must be specifiedz,Parameters d and seed are mutually exclusivez/Parameter d can only be used with NIST P curvesz0Parameter seed must be 32 bytes long for Ed25519: NN:Nr*Nlittle byteorderz.Parameter seed must be 57 bytes long for Ed448:9NN:Nr.Nz3Parameter seed must be 32 bytes long for Curve25519z1Parameter seed must be 56 bytes long for Curve448z2Parameter 'seed' cannot be used with NIST P-curvesz;Parameter d must be an integer smaller than the curve order)dictpop_d_seed_pointr% TypeErrorstrr ValueError_curve canonicalintid_CurveIDED25519lenrnewdigest_prefix bytearrayr from_bytesED448rread CURVE25519CURVE448order)selfkwargskwargs_ curve_namecount seed_hashtmps&, r!__init__EccKey.__init__Qs&v,[[$/ ++c4([[. kk'40  $+++**J 2S\AB B W $5 BC Cj) [[** DGG4'(3tzz/E+FF A:{{" !jkk  A:KL L ;;>>X-- -ww" !RSS4::"$ !STT 4::.557I$S>DLIcN+C FdNF2w~-CG((ADG [[^^x~~ -ww" !RSS4::"$ !QRR TZZ055c:I$S>DLIcN+C FdNF GtOGCG((ADG [[^^x22 2ww" !RSS4::"$ !VWWDJJ'C FdNF2w~-CG((ADG [[^^x00 0ww" !RSS4::"$ !TUUDJJ'C FdNF GtOG((ADGzz% !UVVdgg&DG3$++"3"33 !^__4r c\V\4'gR#VP4VP48wdR#VPVP8H#)F) isinstancer# has_privatepointQ)rHothers&&r!__eq__ EccKey.__eq__sB%((    $"2"2"4 4||t{{**r cZVP4'dkVPP'd2R\\P !VP 44,pMR\VP4,pMRpVPP\P\P39d8VPPpRVPPW!3,pV#VPP wr$RVPPW$V3,pV#)z , seed=%sz, d=%dz EccKey(curve='%s', point_x=%d%s)z,EccKey(curve='%s', point_x=%d, point_y=%d%s))rSr7 is_edwardsrbinasciihexlifyr2r9r1r:r;rErFrTxr8xy)rHextrar]resultys& r!__repr__EccKey.__repr__s     {{%%%#eH,<,>h11&//1 1 A74;;;P;PRS:[[F ;;>>DACt{{G\G\^_diFjjF r c VPRJ#)zJ``True`` if this key can be used for making signatures or decrypting data.N)r1rHs&r!rSEccKey.has_privateswwd""r c^Tu;8dVPP8gQhQhVPPp\P!^VR7pVPV,pWB,P V4pVPP V,PV,pWdV,WW,,,V,pWx3#)r) min_inclusive max_exclusive)r7rGr random_ranger1inverseGr]) rHzkrGblindblind_d inv_blind_krss &&& r!_sign EccKey._signs1(t{{((((((( !!$$138:''E/y))%0 [[]]Q  ! !E ) 19w{2 3e ;v r c8VPPpV^,PV4pVPPWA,V,,pVPWB^,,V,,pWV,P V^,8H#))r7rGrkrlrTr])rHrmrsrGsinvpoint1point2s&&& r!_verifyEccKey._verifysl !!!u}}U#48u"451 67""be++r c\VP4'g \R4hVP#zThis is not a private ECC key)rSr6r1res&r!r&EccKey.ds&!!<= =wwr c\VP4'g \R4hVP#r)rSr6r2res&r!r' EccKey.seeds'!!<= =zzr cVPf-VPPVP,VnVP#N)r3r7rlr1res&r!rT EccKey.pointQs. ;; ++--$''1DK{{r c X\VPPVPR7#)zFA matching ECC public key. Returns: a new :class:`EccKey` object )r%r()r#r7r8rTres&r! public_keyEccKey.public_keysDKK11EEr cVPP'g \R4hVPP 4pV'd^VPP P 4'dRpMRpVVPPPV4,pV#RVPPPV4,VPP PV4,pV#)z/SEC1 format is only supported for NIST P curves) r7is_weierstrassr6rT size_in_bytesrais_oddr]to_bytes)rHcompress modulus_bytes first_byters&& r! _export_SEC1EccKey._export_SEC1s{{)))NO O 113 {{}}##%%$ $ $++--00?@J "++--00?@++--00?@Jr cVPPwrVPP\P 8Xd?\ VP^ RR74pV^,^,V^,,V^&MdVPP\P8Xd1\ VP^9RR74pV^,^,V^8&M \R4h\V4#)r*r+r,zNot an EdDSA key to export) rTr^r7r:r;r<rArrCr6bytes)rHr]rar`s& r!_export_eddsa_publicEccKey._export_eddsa_public s{{~~ ;;>>X-- -qzz"zABFq5Q,&*4F2J [[^^x~~ -qzz"zABFa%AF2J9: :V}r cVPP'g \R4hVPPpVPP 4p\ VPVRR74p\V4#)zNot a Montgomery key to exportr+r,) r7 is_montgomeryr6rTr]rrArr)rHr] field_sizer`s& r!_export_montgomery_public EccKey._export_montgomery_public,s^{{(((=> > KKMM[[..0 1::jH:EFV}r cVPP'd*VPPpVP4pRpMwVPP'd*VPPpVP 4pRpM2RpVP V4p\VPP4p\VVV4#)N1.2.840.10045.2.1) r7rZoidrrrrr r)rHrrrparamss&& r!_export_subjectPublicKeyInfo#EccKey._export_subjectPublicKeyInfo4s ;; ! ! !++//C224JF [[ & & &++//C779JF%C**84J 1F.s/9/57 7r cVP4'gQhVPP4pRVPPP V4,VPP P V4,p^\ VPP V44\VPP^R7\V^R7.pV'gV^\V4P4#)rexplicit)rSrTrr]rrar r&r r7rr r encode)rHinclude_ec_paramsrrseqs&& r!_export_rfc5915_private_der"EccKey._export_rfc5915_private_derFs!!!! 113 kkmm,,];<kkmm,,];< dffoom<=4;;??Q7J35 !A3&&((r c ^RIHpVPRR4eRV9d \R4hVPe=VP P p\VP4P4pRpM3RpVPRR7p\VP P 4pVP!VV3R V/VBpV#) rPKCS8 passphraseN protectionz3At least the 'protection' parameter must be presentrF)r key_params) Crypto.IOrgetr6r2r7rr rrr wrap)rHrIrr private_keyrr`s&, r! _export_pkcs8EccKey._export_pkcs8as# ::lD ) 5,f:TRS S :: !++//C(4;;=KF%C::U:SK 1FK&'-&%& r cT^RIHpVPV4pVPVR4#)rPEMz PUBLIC KEY)rrrr)rHrr encoded_ders&& r!_export_public_pemEccKey._export_public_pemvs&!77A zz+|44r c X^RIHpVP4pVP!VRV3/VB#)rrzEC PRIVATE KEY)rrrrrHrrIrrs&&, r!_export_private_pemEccKey._export_private_pem|s,!668 zz+'7NvNNr cR^RIHpVP4pVPVR4#)rrz PRIVATE KEY)rrrr)rHrrs& r!(_export_private_clear_pkcs8_in_clear_pem/EccKey._export_private_clear_pkcs8_in_clear_pems$!((* zz+}55r c ^RIHpV'gQhRV9d \R4hVP!RRV/VBpVP VR4#)rrrz5At least the 'protection' parameter should be presentrzENCRYPTED PRIVATE KEYr)rrr6rrrs&&, r!,_export_private_encrypted_pkcs8_in_clear_pem3EccKey._export_private_encrypted_pkcs8_in_clear_pemsK!z v %TU U((IJI&I zz+'>??r c VP4'd \R4hVPPpVf\RVP,4hVR8Xd)VP 4p\ V4\ V43pEMVPP4pV'db^VPPP4,p\V4VPPPV4,pMVRVPPPV4,VPPPV4,pVPR4^,p\ V4\ V4V3pRPVUu.uF*p\ P"!R\%V44V,NK, up4p VR,\'\(P*!V 44,#uupi)z"Cannot export OpenSSH private keysz Cannot export %s keys as OpenSSH ssh-ed25519r-r >I )rSr6r7opensshr%rrrTrrarrr]rsplitjoinstructpackr=rr[ b2a_base64) rHrdescrcompsrrmiddler]blobs && r!_export_opensshEccKey._export_opensshs     AB B{{"" <?$**LM M ] "224JT]GJ$78E KK557M!5!5!77 ":."kkmm44]CD &"kkmm44]CD"kkmm44]CD ZZ_Q'FT]GFOZ@ExxF1T3q62Q66FGczE("5"5d";<<<Gs0Hc ZVP4pVPR4pVR9d\RV,4hVPRR4pVP4'EdgVPR R 4p\ V4'd\ V4pV'g \R 4hVPR R 4pVRJdaVP P'd \R4hVP P'd \R4hRV9d \R4hVR8XdGV'd,V'dVP!V3/VB#VP4#VP!V3/VB#VR8XdHV'dV'g \R4hV'dVP!RR V/VB#VP4#\RV,4hV'd\RV,4hVR8XdVPV4#VR8XdVPV4#VR8XdVP!V4#VR8XdjVP P'dVP#4#VP P'dVP%4#VP!V4#VP'V4#)a Export this ECC key. Args: format (string): The output format: - ``'DER'``. The key will be encoded in ASN.1 DER format (binary). For a public key, the ASN.1 ``subjectPublicKeyInfo`` structure defined in `RFC5480`_ will be used. For a private key, the ASN.1 ``ECPrivateKey`` structure defined in `RFC5915`_ is used instead (possibly within a PKCS#8 envelope, see the ``use_pkcs8`` flag below). - ``'PEM'``. The key will be encoded in a PEM_ envelope (ASCII). - ``'OpenSSH'``. The key will be encoded in the OpenSSH_ format (ASCII, public keys only). - ``'SEC1'``. The public key (i.e., the EC point) will be encoded into ``bytes`` according to Section 2.3.3 of `SEC1`_ (which is a subset of the older X9.62 ITU standard). Only for NIST P-curves. - ``'raw'``. The public key will be encoded as ``bytes``, without any metadata. * For NIST P-curves: equivalent to ``'SEC1'``. * For Ed25519 and Ed448: ``bytes`` in the format defined in `RFC8032`_. * For Curve25519 and Curve448: ``bytes`` in the format defined in `RFC7748`_. passphrase (bytes or string): (*Private keys only*) The passphrase to protect the private key. use_pkcs8 (boolean): (*Private keys only*) If ``True`` (default and recommended), the `PKCS#8`_ representation will be used. It must be ``True`` for Ed25519, Ed448, Curve25519, and Curve448. If ``False`` and a passphrase is present, the obsolete PEM encryption will be used. protection (string): When a private key is exported with password-protection and PKCS#8 (both ``DER`` and ``PEM`` formats), this parameter MUST be present, For all possible protection schemes, refer to :ref:`the encryption parameters of PKCS#8`. It is recommended to use ``'PBKDF2WithHMAC-SHA512AndAES128-CBC'``. compress (boolean): If ``True``, the method returns a more compact representation of the public key, with the X-coordinate only. If ``False`` (default), the method returns the full public key. This parameter is ignored for Ed25519/Ed448/Curve25519/Curve448, as compression is mandatory. prot_params (dict): When a private key is exported with password-protection and PKCS#8 (both ``DER`` and ``PEM`` formats), this dictionary contains the parameters to use to derive the encryption key from the passphrase. For all possible values, refer to :ref:`the encryption parameters of PKCS#8`. The recommendation is to use ``{'iteration_count':21000}`` for PBKDF2, and ``{'iteration_count':131072}`` for scrypt. .. warning:: If you don't provide a passphrase, the private key will be exported in the clear! .. note:: When exporting a private key with password-protection and `PKCS#8`_ (both ``DER`` and ``PEM`` formats), any extra parameters to ``export_key()`` will be passed to :mod:`Crypto.IO.PKCS8`. .. _PEM: http://www.ietf.org/rfc/rfc1421.txt .. _`PEM encryption`: http://www.ietf.org/rfc/rfc1423.txt .. _OpenSSH: http://www.openssh.com/txt/rfc5656.txt .. _RFC5480: https://tools.ietf.org/html/rfc5480 .. _SEC1: https://www.secg.org/sec1-v2.pdf .. _RFC7748: https://tools.ietf.org/html/rfc7748 Returns: A multi-line string (for ``'PEM'`` and ``'OpenSSH'``) or ``bytes`` (for ``'DER'``, ``'SEC1'``, and ``'raw'``) with the encoded key. formatrDERSEC1rawzUnknown format '%s'rFrNzEmpty passphrase use_pkcs8Tz%'pkcs8' must be True for EdDSA curvesz#'pkcs8' must be True for Curve25519rz)'protection' is only supported for PKCS#8z8Private keys can only be encrpyted with DER using PKCS#8z2Private keys cannot be exported in the '%s' formatzUnexpected parameters: '%s')rrOpenSSHrrr)copyr0r6rSrrr7rZrrrrrrrrrrrr)rHrIargs ext_formatrrrs&, r! export_keyEccKey.export_keysdt{{}XXh' E E2Z?@ @88J.     ,5J$$$Z0 !$%788d3IE!;;)))$%LMM;;,,,$%JKK4'$%PQQU"!#PPQ[d_cdd#LLNN33JG$GGu$i$%_``--LLtLL;;== "68B"CDD !>!EFFU"..x88u$88BBv%((22u$;;)))4466[[...99;;,,X66++H55r )r7r1r3r@r2r%N)T)rrrr__doc__rOrVrbrSrtr|propertyr&r'rTrrrrrrrrrrrrrr__classdictcell__) __classdict__s@r!r#r#;s*``D+"# ,   F8 7$)6*5 O 6 @=:U6U6r r#c VPR4p\V,pVPR\4pV'd\R\ V4,4h\V,P \ P8XdV!^ 4p\WR7pV#\V,P \ P8XdV!^94p\WR7pV#\V,P \ P8Xd=V!^ 4p\WR7p\V,PVP4V#\V,P \ P8Xd=V!^84p\WR7p\V,PVP4V#\P!^VP VR7p\WR7pV#)aGenerate a new private key on the given curve. Args: curve (string): Mandatory. It must be a curve name defined in the `ECC table`_. randfunc (callable): Optional. The RNG to read randomness from. If ``None``, :func:`Crypto.Random.get_random_bytes` is used. r%randfuncr)r%r')rhrir)r%r&)r0rrr4r5r:r;r<r#rCrEvalidaterTrFr rjrG)rIrKr%rr'new_keyr&s, r!generaterFsrG$J J Ezz*&67H .V<==z!1!11|z5$ N#    8>> 1|z5 N    8#6#6 6|z5 $$W^^4 N    8#4#4 4|z5 $$W^^4 N  q/4{{*2 4z/ Nr c VR,p\V,pVPRR4pVPRR4pRV9d \R4hVP\P 8Xd;Ve\ W14VR&\R/VBpVPVP4V#VP\P8Xd;Ve\ W14VR&\R/VBpVPVP4V#RW439d\W4V4VR&\R/VBpVP4'dBRV9d;VPVP,pVPW438wd \!R4hV#) ayBuild a new ECC key (private or public) starting from some base components. In most cases, you will already have an existing key which you can read in with :func:`import_key` instead of this function. Args: curve (string): Mandatory. The name of the elliptic curve, as defined in the `ECC table`_. d (integer): Mandatory for a private key and a NIST P-curve (e.g., P-256). It must be an integer in the range ``[1..order-1]``. seed (bytes): Mandatory for a private key and curves Ed25519 (32 bytes), Curve25519 (32 bytes), Curve448 (56 bytes) and Ed448 (57 bytes). point_x (integer): The X coordinate (affine) of the ECC point. Mandatory for a public key. point_y (integer): The Y coordinate (affine) of the ECC point. Mandatory for a public key, except for Curve25519 and Curve448. Returns: :class:`EccKey` : a new ECC key object r%point_xNpoint_yr(zUnknown keyword: pointz(Private and public ECC keys do not matchr)rr0r4r:r;rErr#rrTrFrrSrlr&r^r6)rIrKr%rrrpub_keys, r! constructrpsVBJ J EjjD)GjjD)G&011 xx8&&&  '#;<J  &CD $?@H  DsJK K :# ,,V4::I "(@@ .8o+  G#MN N&x0Z@@ ,4M)  G#MN N !( +55$$=$CDD9 :89 9 :s #DD-c\4PVR R7pV^,^8wd \R4h\4PV^,4Pp^pV\ V48dM\ ^R7PW5,4PpVeWb8wd \R4hTpV^, pVf \R4h\P!4FwrxVPV8XgKM \RV,4hVPP4p \ V4V 8wd \R4hR;rV\ V48dn\^R7PW5,4Pp \WR 7p V P P"p V P P$p V^, p\&P(!V4p\+W~WR 7# \dEL8i;i \dLBi;i) r) nr_elementsz!Incorrect ECC private key versionrNzCurve mismatchzNo curve foundrzPrivate key is too smallr)r%r&rrrr)r rr6r payloadr=r rrrrrrrr rrTr]rar rBr)rrrec_private_key scalar_bytes next_element parametersrKr%rrrpublic_key_encrr&s&&& r!_import_rfc5915_derr'2s!]))'y)INaA<==!#**>!+<=EELLc.)) $a0778TU[[J$)@ !122"I A L)**$]]_ 99 ! -$$E $QRRGG))+M <M)344Gc.)) )15<<^=YZ``N+NPJ ''))G ''))G A L <(A :G MM;   2   s&2A G'A,G9' G65G69 HHc2^RIHpVPW4wr4pRpRRRR/pRRRR /pW69d0\4P V4P p \ WAV 4#W79dHVe \R 4hR p \4P V4Pp \Ws,V R 7#W89dWW,p Ve\R V ,4hR p \4P V4Pp \W,V R 7#\RV,4h)rrrrrr r r r r Nz.EdDSA ECC private key must not have parametersrz+%s ECC private key must not have parametersz!Unsupported ECC purpose (OID: %s)r) rrunwrapr rrr'r6r r!rr) rrralgo_oidrrrrrrr'rKs && r! _import_pkcs8r+ms#$)LL$E!H6K ywJ |zH M((066 ";IFF    MN N &&{3;;z3$??  '  J'() ) &&{3;;x1==#$G($RSSr c.\V4p\V4#r)rr)rrIsp_infos&* r!_import_x509_certr.s.w7G ' 00r c\W4# \dpThRp?i\\\3dMi;i\ Y4# \dpThRp?i\\\3dMi;i\ Y4# \dpThRp?i\\\3dMi;i\Y4# \dpThRp?i\\\3dMi;i\R4h)NzNot an ECC DER key)rrr6r4 IndexErrorr.r'r+)rrerrs&& r! _import_derr2s +G@@   : .     55   : .    "777   : .    W11   : .    ) **s 6666 A A.AA.*A.-A.2 A== B&B  B&"B&%B&* B55 CCCCCc\VPR4p\V4R9d \R4h\P!V^,4p.p\V4^8dO\ P !RVR,4^,pVPV^^V,4V^V,RpK^V^,V^,8wd \R4hV^,PR4'd\P!4FswrVVPfKVPPR4'gK8\VPPR4^,4pV^,V8XgKsM \R X,4h\V^,VPR 7pV#V^,R 8Xd$\V^,4wr\!R WR 7pV#\RV^,,4h \"\$\P&3d\RT^,,4hi;i) zNot an openssh public keyr:Nr NNzMismatch in openssh public key ecdsa-sha2- ecdsa-sha2rzUnsupported ECC curve: r ssh-ed25519rrzUnsupported SSH key type: zError parsing SSH key type: r)rr=r6r[ a2b_base64runpackappend startswithrrrrrrrrr0r4Error) rparts keystringkeypartslkrKr%recc_keyr]ras & r!_import_openssh_publicrBs MM$ E 5z455$D''a1 )nq tYr]3A6B OOIaB/ 0!!b&'*I 8x{ "=> > 8  ~ . .%,]]_! ==(}}// == !4!4S!9!!<=A;&(&5!!:V!CDD(! JG N1X '-hqk:DAiFG N 9E!HDE E  8>> 2D7%(BCCDs+B:G1)A G148G114G1'/G1G11:H+cj^RIHpHpHpHpV!W4wrgRR\ ^ 3/pVP R4'Ed V!V4wrV \9d\RV ,4h\V ,p V P^,^,p V!V4wr\V ^,4^8wd \R4h\V 4^V ,^,8wd \R4h\P!V ^^V ,4p \P!V ^V ,R4pV!V4wr\P!V4pR VR V /pMOWh9d8W,wpppV!V4wrV!V 4wrV!V4wppVRVpR VR V/pM\R V,4hV!V4wppV!V4\RR V RV/VB#)rw)import_openssh_private_generic read_bytes read_string check_paddingrrr6zUnsupported ECC curve %sz/Only uncompressed OpenSSH EC keys are supportedzIncorrect public key lengthNr&r%r'zUnsupport SSH agent key type:rrr)_opensshrDrErFrGrr;rr modulus_bitsrr6r=r rBr)datapasswordrDrErFrGkey_type decrypted eddsa_keysecdsa_curve_namer%rrrrrr&rrKrseed_lenprivate_public_keyr'_paddeds&& r!_import_openssh_private_eccrTsCC9HH  #=rBJ <((&1)&<# 7 *'(BEU(UV V()++a/A5 *9 5  1 ! #NO O z?a-/!3 3:; ;$$Z!M/%BC$$Z-0@%AB!+I!6   { +q'#34  8B8L5 +X *9 5 2:>(29(=%I!)8,$488CDDI&IAv&  @W @g @ @@r cb\V4^ 8wd \R4h\R4pRp\V4pV^,^, pV^;;,^,uu&\P!VRR7pWQ8d \R4hV^8XdR#V^,^, V,pV^,V,V,^,V,pVP V4pWh,V,p \P !W4p V ^,V8wd W, p W3# \d \R4hi;i) aAImport an Ed25519 ECC public key, encoded as raw bytes as described in RFC8032_. Args: encoded (bytes): The Ed25519 public key to import. It must be 32 bytes long. Returns: x and y (integer) Raises: ValueError: when the given key cannot be parsed. .. _RFC8032: https://datatracker.ietf.org/doc/html/rfc8032 z9Incorrect length. Only Ed25519 public keys are supported.llx&(7Z/ ;(P8se:8 w6Rr+r,zInvalid Ed25519 key (y)zInvalid Ed25519 public keyrrw)r=r6r rArBrk_tonelli_shanks rrr&rax_lsbruvv_invx2rs & r!rr!s" 7|rTUURSAUA'A bEQJEbETME  h7G|233!| !a1A 1*q.A  !Q&A7 ! i1_))"0 aKE !kG   75667s A DD.c\V4^ 8wd \R4h\V4pV^;;,^,uu&\P!VRR7pV#)a@Import a Curve25519 ECC public key, encoded as raw bytes as described in RFC7748_. Args: encoded (bytes): The Curve25519 public key to import. It must be 32 bytes long. Returns: x (integer) Raises: ValueError: when the given key cannot be parsed. .. _RFC7748: https://datatracker.ietf.org/doc/html/rfc7748 zIncorrect Curve25519 key lengthr+r,)r=r6rAr rB)rr]rs& r!rrNsJ" 7|r:;;'AbETME  h7G Nr cl\V4^88wd \R4h\P!VRR7pV#)a<Import a Curve448 ECC public key, encoded as raw bytes as described in RFC7748_. Args: encoded (bytes): The Curve448 public key to import. It must be 56 bytes long. Returns: x (integer) Raises: ValueError: when the given key cannot be parsed. .. _RFC7748: https://datatracker.ietf.org/doc/html/rfc7748 zIncorrect Curve448 key lengthr+r,)r=r6r rB)rrs& r!rrjs3" 7|r899  H=G Nr cl\V4^98wd \R4h\R,PpVR, pVR,p\ V^8,4^, p\ P !VRR7pWQ8d \R4hV^8XdR #V^,^, V,pV^,V,V,^, V,pVPV4pWh,V,p \ P!W4p V ^,V8wd W, p W3# \d \R4hi;i) a?Import an Ed448 ECC public key, encoded as raw bytes as described in RFC8032_. Args: encoded (bytes): The Ed448 public key to import. It must be 57 bytes long. Returns: x and y (integer) Raises: ValueError: when the given key cannot be parsed. .. _RFC8032: https://datatracker.ietf.org/doc/html/rfc8032 z7Incorrect length. Only Ed448 public keys are supported.curve448i:N8Nr+r,zInvalid Ed448 key (y)zInvalid Ed448 public keyrV) r=r6rrrr rBrkrWrXs & r!rrs" 7|rRSS A E A A   "E  h7G|011!| !a1A 1*q.A  !Q&A5 ! i1_))"0 aKE !kG   53445s A DD3cn^RIHp\V4pVe \V4pVPR4'd-\ V4pVP WA4wrVp\ WQ4pV#VPR4'dr\ V4pRp Rp \P!V R,V ,RV\PR 7pVP WA4wrpV'dRp\W4pV#VPR4'd \V4#\V4^8d#\V^,4^08Xd \W4#\V4^8d3\V^,4R9dVf \R 4h\!WR 7#\R 4h \dp T hRp ? i\d \R 4hi;i)a Import an ECC key (public or private). Args: encoded (bytes or multi-line string): The ECC key to import. The function will try to automatically detect the right format. Supported formats for an ECC **public** key: * X.509 certificate: binary (DER) or ASCII (PEM). * X.509 ``subjectPublicKeyInfo``: binary (DER) or ASCII (PEM). * SEC1_ (or X9.62), as ``bytes``. NIST P curves only. You must also provide the ``curve_name`` (with a value from the `ECC table`_) * OpenSSH line, defined in RFC5656_ and RFC8709_ (ASCII). This is normally the content of files like ``~/.ssh/id_ecdsa.pub``. Supported formats for an ECC **private** key: * A binary ``ECPrivateKey`` structure, as defined in `RFC5915`_ (DER). NIST P curves only. * A `PKCS#8`_ structure (or the more recent Asymmetric Key Package, RFC5958_): binary (DER) or ASCII (PEM). * `OpenSSH 6.5`_ and newer versions (ASCII). Private keys can be in the clear or password-protected. For details about the PEM encoding, see `RFC1421`_/`RFC1423`_. passphrase (byte string): The passphrase to use for decrypting a private key. Encryption may be applied protected at the PEM level (not recommended) or at the PKCS#8 level (recommended). This parameter is ignored if the key in input is not encrypted. curve_name (string): For a SEC1 encoding only. This is the name of the curve, as defined in the `ECC table`_. .. note:: To import EdDSA private and public keys, when encoded as raw ``bytes``, use: * :func:`Crypto.Signature.eddsa.import_public_key`, or * :func:`Crypto.Signature.eddsa.import_private_key`. .. note:: To import X25519/X448 private and public keys, when encoded as raw ``bytes``, use: * :func:`Crypto.Protocol.DH.import_x25519_public_key` * :func:`Crypto.Protocol.DH.import_x25519_private_key` * :func:`Crypto.Protocol.DH.import_x448_public_key` * :func:`Crypto.Protocol.DH.import_x448_private_key` Returns: :class:`EccKey` : a new ECC key object Raises: ValueError: when the given key cannot be parsed (possibly because the pass phrase is wrong). .. _RFC1421: https://datatracker.ietf.org/doc/html/rfc1421 .. _RFC1423: https://datatracker.ietf.org/doc/html/rfc1423 .. _RFC5915: https://datatracker.ietf.org/doc/html/rfc5915 .. _RFC5656: https://datatracker.ietf.org/doc/html/rfc5656 .. _RFC8709: https://datatracker.ietf.org/doc/html/rfc8709 .. _RFC5958: https://datatracker.ietf.org/doc/html/rfc5958 .. _`PKCS#8`: https://datatracker.ietf.org/doc/html/rfc5208 .. _`OpenSSH 6.5`: https://flak.tedunangst.com/post/new-openssh-key-format-and-bcrypt-pbkdf .. _SEC1: https://www.secg.org/sec1-v2.pdf rNs-----BEGIN OPENSSH PRIVATE KEYs-----z-----BEGIN EC PARAMETERS-----z-----END EC PARAMETERS-----z.*?rY)flagsz(Invalid DER encoding inside the PEM filezNo curve name was provided)rKzECC key format is not supported)r5r7r)rrrr;rrrTresubDOTALLr2rr6rBr=rr) rrrKr text_encodedopenssh_encodedmarkerenc_flagr`ecparams_start ecparams_end der_encodeduefs &&& r! import_keyrpsRgGZ( ;<<W~ ,/JJ|,P),_I   H % %W~ 94 vvnu4|CR*$&II/ ), <(L% X J I 9F  :;;%g.. 7|aD,47// 7|aD,0BB  9: :!'AA 6 77)% I IGH H Is F F4F F4' F4__main__l_,)N$c hKf-5lkrsw>& GG',,@@)*00' J H6VH6V'TDN5>p@EF8Nv%TP1 +B+\4An*Z82)X{8| zJA FO   " " $E E IIKE 5\ + e+u4t;TB IIKE 5\! #diikE&9U%BT%I4P#r