o 9Bi" @sUdZddlmZddlmZmZmZmZddlm Z m Z ddl m Z m Z mZddlmZe r5ddlmZGdd d e ZGd d d e ZGd d d eZGdddeZGdddeZeeGdddZeeGdddZeeGdddZeeGdddZeeGdddZeeGdddZeeGdddZeeGd d!d!Zeeeeeeeed"Zd#e d$<d8d(d)Z!d9d+d,Z"d9d-d.Z#d:d/d0Z$d;d2d3Z%drrrgetKexs rAboolcCtt|S)z Returns C{True} if C{kexAlgorithm} is an elliptic curve. @param kexAlgorithm: The key exchange algorithm name. @return: C{True} if C{kexAlgorithm} is an elliptic curve, otherwise C{False}. )r$ providedByrAr@rrrisEllipticCurve rEcCrC)z Returns C{True} if C{kexAlgorithm} has a fixed prime / generator group. @param kexAlgorithm: The key exchange algorithm name. @return: C{True} if C{kexAlgorithm} has a fixed prime / generator group, otherwise C{False}. )r rDrAr@rrr isFixedGrouprFrGcCst|}|jS)z Get the hash algorithm callable to use in key exchange. @param kexAlgorithm: The key exchange algorithm name. @return: A callable hash algorithm constructor (e.g. C{hashlib.sha256}). )rArr>kexrrrgetHashProcessorsrJtuple[int, int]cCstt|}|j|jfS)z Get the generator and the prime to use in key exchange. @param kexAlgorithm: The key exchange algorithm name. @type kexAlgorithm: L{bytes} @return: A L{tuple} containing L{int} generator and L{int} prime. @rtype: L{tuple} )r rAr"r!rHrrrgetDHGeneratorAndPrimes rL list[bytes]csddlm}ddlm}ddlm}|}ttD]+}| dr5| dd}| | ||}n | dr?| }nd}|sH|qtfd d d S) z Get a list of supported key exchange algorithm names in order of preference. @return: A C{list} of supported key exchange algorithm names. r)default_backend)ec) _curveTablesecdhsecdsar<Tcs |jSr)rr@ kexAlgorithmsrr(s z*getSupportedKeyExchanges..)key)cryptography.hazmat.backendsrN)cryptography.hazmat.primitives.asymmetricrOtwisted.conch.ssh.keysrPr=copylist startswithreplace+elliptic_curve_exchange_algorithm_supportedECDHx25519_supportedpopsorted)rNrOrPbackend keyAlgorithmkeyAlgorithmDsa supportedrrQrgetSupportedKeyExchanges s(           reN)r>rrr)r>rrrB)r>rrr)r>rrrK)rrM)'r __future__rhashlibrrrrtypingrrzope.interfacer r r twisted.conchr r rrr r$r'r)r-r/r1r3r5r7r9r=rrArErGrJrLrerrrrsX