diiddlmZddlZddlmZddlmZmZddlm Z m Z ddl m Z m Z ddlmZmZmZmZmZddlmZmZdd lmZmZmZmZmZmZmZmZm Z m!Z!erdd l"m#Z#m$Z$Gd d Z%Gd dZ&GddZ'dS)) annotationsN) TYPE_CHECKING)ffilib)GLOBAL_CONTEXTContext) decode_der encode_der) cdata_to_der der_to_cdatadeserialize_recoverablerecoverserialize_recoverable) EC_COMPRESSEDEC_UNCOMPRESSED) DEFAULT_NONCE bytes_to_int der_to_pemget_valid_secret hex_to_bytesint_to_bytes_padded pad_scalar pem_to_dersha256validate_secret)HasherNonceceZdZdefd,dZeefd-dZd.d/dZeefd-dZ d0dZ d1d2dZ d1d2dZ d3dZ d4dZd5dZd5d Zeefd6d"Zeefd7d$Zeefd8d&Zeefd9d(Zd)Zd:d*Zd4d+ZdS); PrivateKeyNsecret bytes | Nonecontextrc|t|n t|_||_t|j|j|_t|j|j|_dS)z Initializes a private key. Parameters: secret: The secret used to initialize the private key. If not provided, a new key will be generated. context: The context to use. N) rrr r" PublicKeyfrom_valid_secret public_keyPublicKeyXOnlypublic_key_xonly)selfr r"s L/var/www/html/volatility/venv/lib/python3.11/site-packages/coincurve/keys.py__init__zPrivateKey.__init__sl9?8J_V444P`PbPb  %.%@%@dl%[%[0>0P0PQUQ\^b^j0k0kmessagebyteshasherr custom_noncerreturnc:| ||n|}t|dkrd}t|tjd}|\}}t j|jj|||j||} | sd}t|t||jS)aZ Creates an ECDSA signature. Parameters: message: The message to sign. hasher (collections.abc.Callable[[bytes], bytes] | None): The hash function to use, which must return 32 bytes. By default, the `sha256` algorithm is used. If `None`, no hashing occurs. custom_nonce (tuple[ffi.CData, ffi.CData]): Custom nonce data in the form `(nonce_function, input_data)`. For more information, refer to the `libsecp256k1` documentation [here](https://github.com/bitcoin-core/secp256k1/blob/v0.6.0/include/secp256k1.h#L637-L642). Returns: The ECDSA signature. Raises: ValueError: If the message hash was not 32 bytes long, the nonce generation function failed, or the private key was invalid. N #Message hash must be 32 bytes long.zsecp256k1_ecdsa_signature *EThe nonce generation function failed, or the private key was invalid.) len ValueErrorrnewrsecp256k1_ecdsa_signr"ctxr r r)r-r/r0msg_hashmsg signaturenonce_fn nonce_datasigneds r*signzPrivateKey.sign+s&'-&866'???g x==B  7CS// !G9:: +*)$,*:IxQUQ\^fhrss "YCS// !It|444r,r,aux_randomnessct|dkrd}t||dkrtjd}n3| tj}n$t|dkrd}t|t jd}tj|j j ||j }|sd}t|t jd}tj |j j ||||}|sd }t|tj |j j ||t||jj}|sd }t|t!t j|S) a Creates a Schnorr signature. Parameters: message: The message to sign. aux_randomness: 32 bytes of fresh randomness, empty bytestring (auto-generated), or None (no randomness). Returns: The Schnorr signature. Raises: ValueError: If the message was not 32 bytes long, the optional auxiliary random data was not 32 bytes long, signing failed, or the signature was invalid. r3zMessage must be 32 bytes long.r,Nz,Auxiliary random data must be 32 bytes long.secp256k1_keypair *Secret was invalidzunsigned char[64]zSigning failedzInvalid signature)r6r7osurandomrNULLr8rsecp256k1_keypair_creater"r:r secp256k1_schnorrsig_sign32secp256k1_schnorrsig_verifyr(r&r.buffer)r)r-rCr=keypairresr>s r* sign_schnorrzPrivateKey.sign_schnorrNs` w<<2  2CS// ! S Z^^NN  # XNN  B & &@CS// !'/00*4<+;WdkRR "&CS// !G/00 -dl.> 7T[]kll ""CS// !- L i#g,,@U@`   "%CS// !SZ **+++r,c:| ||n|}t|dkrd}t|tjd}|\}}t j|jj|||j||} | sd}t|t||jS)ai Creates a recoverable ECDSA signature. Parameters: message: The message to sign. hasher (collections.abc.Callable[[bytes], bytes] | None): The hash function to use, which must return 32 bytes. By default, the `sha256` algorithm is used. If `None`, no hashing occurs. custom_nonce (tuple[ffi.CData, ffi.CData]): Custom nonce data in the form `(nonce_function, input_data)`. For more information, refer to the `libsecp256k1` documentation [here](https://github.com/bitcoin-core/secp256k1/blob/v0.6.0/include/secp256k1.h#L637-L642). Returns: The recoverable ECDSA signature. Raises: ValueError: If the message hash was not 32 bytes long, the nonce generation function failed, or the private key was invalid. Nr3r4z'secp256k1_ecdsa_recoverable_signature *r5) r6r7rr8r secp256k1_ecdsa_sign_recoverabler"r:r rr;s r*sign_recoverablezPrivateKey.sign_recoverable~s&'-&866'???g x==B  7CS// !GEFF +*5 L i4;*   "YCS// !$Y ===r,r&c tjd}tj|jj|t |j|jtj tj ttj |dS)a Computes an EC Diffie-Hellman secret in constant time. !!! note This prevents malleability by returning `sha256(compressed_public_key)` instead of the `x` coordinate directly. Parameters: public_key: The formatted public key. Returns: The 32-byte shared secret. Raises: ValueError: If the public key could not be parsed or was invalid. unsigned char [32]r3) rr8rsecp256k1_ecdhr"r:r$r&r rIr.rM)r)r&r s r*ecdhzPrivateKey.ecdhse"-.. 4<+VYz5J5J5UW[WbdgdlnqnvwwwSZ++,,,r,Fscalarupdateboolcft|}tjd|j}t j|jj||}|sd}t|ttj |d}|r||_| |St||jS)a Adds a scalar to the private key. Parameters: scalar: The scalar with which to add. update: Whether to update the private key in-place. Returns: The new private key, or the modified private key if `update` is `True`. Raises: ValueError: If the tweak was out of range or the resulting private key was invalid. rUzDThe tweak was out of range, or the resulting private key is invalid.r3) rrr8r rsecp256k1_ec_seckey_tweak_addr"r:r7r.rM_update_public_keyr)r)rXrYr successr=s r*addzPrivateKey.addsF##-t{;;3DL4DffUU "XCS// !sz&"--..   DK  # # % % %K&$,///r,c@t|}tjd|j}t j|jj||ttj |d}|r||_| |St||jS)a+ Multiplies the private key by a scalar. Parameters: scalar: The scalar with which to multiply. update: Whether to update the private key in-place. Returns: The new private key, or the modified private key if `update` is `True`. rUr3) rrr8r rsecp256k1_ec_seckey_tweak_mulr"r:r.rMr]r)r)rXrYr s r*multiplyzPrivateKey.multiplys!((-t{;; )$,*:FFKKKsz&"--..   DK  # # % % %K&$,///r,strc4|jS)zB Returns the private key encoded as a hex string. )r hexr)s r*to_hexzPrivateKey.to_hexs{   r,intc*t|jS)z8 Returns the private key as an integer. )rr rfs r*to_intzPrivateKey.to_intsDK(((r,cDt|S)z@ Returns the private key encoded in PEM format. )rto_derrfs r*to_pemzPrivateKey.to_pems$++--(((r,c^t|j|jdS)z@ Returns the private key encoded in DER format. F compressed)r r r&formatrfs r*rlzPrivateKey.to_ders)$+t'='='='O'OPPPr,hexedc<tt||S)z Creates a private key from a hex string. Parameters: hexed: The private key encoded as a hex string. context: The context to use. Returns: The private key. )rr)clsrrr"s r*from_hexzPrivateKey.from_hex s,u--w777r,numc<tt||S)z Creates a private key from an integer. Parameters: num: The private key as an integer. context: The context to use. Returns: The private key. )rr)rtrvr"s r*from_intzPrivateKey.from_ints-c22G<<#>#>#>#>J----.00000B000004!!!! )))) )))) QQQQ 5C 8 8 8 8[ 83A = = = =[ =5C @ @ @ @[ @5C 4 4 4 4[ 4"""++++!!!!!!r,rceZdZefd'dZeefd(d Zeefd(d Zeefd)dZee efd*dZ eefd+dZ d,d-dZ d.dZ e fd/dZd0d1d!Zd0d1d"Zd0d2d#Zd3d$Zd4d%Zd&S)5r$databytes | ffi.CDatar"rct|ts||_nWtjd}t j|j||t|}|sd}t|||_||_ dS)a Initializes a public key. Parameters: data (bytes): The formatted public key. This class supports parsing compressed (33 bytes, header byte `0x02` or `0x03`), uncompressed (65 bytes, header byte `0x04`), or hybrid (65 bytes, header byte `0x06` or `0x07`) format public keys. context: The context to use. Raises: ValueError: If the public key could not be parsed or was invalid. secp256k1_pubkey *1The public key could not be parsed or is invalid.N) isinstancer.r&rr8rsecp256k1_ec_pubkey_parser:r6r7r")r)rr"r&parsedr=s r*r+zPublicKey.__init__Ts|$&& )"DOO!566J27; DRUVZR[R[\\F &I oo%(DO r,r r.r1ctjd}tj|j|t |}|sd}t |t||S)a! Derives a public key from a private key secret. Parameters: secret: The private key secret. context: The context to use. Returns: The public key. Raises: ValueError: If an invalid secret was used. rzuSomehow an invalid secret was used. Please submit this as an issue here: https://github.com/ofek/coincurve/issues/new)rr8rrr:rr7r$rtr r"r&rr=s r* from_secretzPublicKey.from_secretqscW122 0j/Z`JaJabb "?  S// !W---r,ctjd}tj|j||}|sd}t |t ||S)a: Derives a public key from a valid private key secret, avoiding input checks. Parameters: secret: The private key secret. context: The context to use. Returns: The public key. Raises: ValueError: If the secret was invalid. rr)rr8rrr:r7r$rs r*r%zPublicKey.from_valid_secretsSW122 0j&QQ "#CS// !W---r,xrhycbtdt|zt|z|S)z Derives a public key from a coordinate point. Parameters: x: The x coordinate. y: The y coordinate. context: The context to use. Returns: The public key. )r$r)rtrrr"s r* from_pointzPublicKey.from_points2#6q#9#99r-r/rc `tt|t||||S)a Recovers an ECDSA public key from a recoverable signature. Parameters: signature: The recoverable ECDSA signature. message: The message that was supposedly signed. hasher (collections.abc.Callable[[bytes], bytes] | None): The hash function to use, which must return 32 bytes. By default, the `sha256` algorithm is used. If `None`, no hashing occurs. context: The context to use. Returns: The public key that signed the message. Raises: ValueError: If the message hash was not 32 bytes long or recovery of the ECDSA public key failed. )r")r/r")r$rr )rtr>r-r/r"s r*from_signature_and_messagez$PublicKey.from_signature_and_messages:* G4YPPPY_ip q q q   r, public_keyslist[PublicKey]ctjd}tj|j|d|Dt |}|sd}t |t||S)a5 Adds a number of public keys together. Parameters: public_keys: A sequence of public keys. context: The context to use. Returns: The combined public key. Raises: ValueError: If the sum of the public keys was invalid. rcg|] }|j Srr&.0pks r* z*PublicKey.combine_keys..s%J%J%Jbm%J%J%Jr,&The sum of the public keys is invalid.)rr8rsecp256k1_ec_pubkey_combiner:r6r7r$)rtrr"r&combinedr=s r* combine_keyszPublicKey.combine_keysstW122 2 K%J%Jk%J%J%JCP[L\L\   ":CS// !W---r,TrprZc|rdnd}tjd|z}tjd|}tj|jj|||j|rtntttj ||S)a Formats the public key. Parameters: compressed: Whether to use the compressed format. Returns: The 33 byte formatted public key, or the 65 byte formatted public key if `compressed` is `False`. !Azunsigned char [%d]zsize_t *) rr8rsecp256k1_ec_pubkey_serializer"r:r&rrr.rM)r)rplength serialized output_lens r*rqzPublicKey.formats")rW1F:;; WZ00  ) L j*doXbGw}}hw   SZ F33444r,tuple[int, int]c|d}t|ddt|ddfS)z? Returns the public key as a coordinate point. FrorN)rqr)r)r&s r*pointzPublicKey.pointsC[[E[22 Jqt,--|JrssO/L/LLLr,c| ||n|}t|dkrd}t|tj|jjt |||j}| S)al Verifies an ECDSA signature. Parameters: signature: The ECDSA signature. message: The message that was supposedly signed. hasher (collections.abc.Callable[[bytes], bytes] | None): The hash function to use, which must return 32 bytes. By default, the `sha256` algorithm is used. If `None`, no hashing occurs. Returns: A boolean indicating whether the signature is correct. Raises: ValueError: If the message hash was not 32 bytes long or the DER-encoded signature could not be parsed. Nr3r4)r6r7rsecp256k1_ecdsa_verifyr"r:r r&)r)r>r-r/r<r=verifieds r*verifyzPublicKey.verifysq"'-&866'???g x==B  7CS// !-dl.> Y@W@WYacgcrss <r,FrXrYct|}tjd|jd}t j|jj||}|sd}t||r ||_|St||jS)a Adds a scalar to the public key. Parameters: scalar: The scalar with which to add. update: Whether to update the public key in-place. Returns: The new public key, or the modified public key if `update` is `True`. Raises: ValueError: If the tweak was out of range or the resulting public key was invalid. rrzCThe tweak was out of range, or the resulting public key is invalid.) rrr8r&rsecp256k1_ec_pubkey_tweak_addr"r:r7r$)r)rXrYnew_keyr^r=s r*r_z PublicKey.add!sF##'.0BCC3DL4DgvVV "WCS// !  %DOK$,///r,ct|}tjd|jd}t j|jj|||r ||_|St||jS)a' Multiplies the public key by a scalar. Parameters: scalar: The scalar with which to multiply. update: Whether to update the public key in-place. Returns: The new public key, or the modified public key if `update` is `True`. rr) rrr8r&rsecp256k1_ec_pubkey_tweak_mulr"r:r$)r)rXrYrs r*rbzPublicKey.multiply?sj!(('.0BCC )$,*:GVLLL  %DOK$,///r,c tjd}tj|jj|d|g|Dt |dz}|sd}t||r ||_|St||jS)a} Adds a number of public keys together. Parameters: public_keys: A sequence of public keys. update: Whether to update the public key in-place. Returns: The combined public key, or the modified public key if `update` is `True`. Raises: ValueError: If the sum of the public keys was invalid. rcg|] }|j Srrrs r*rz%PublicKey.combine..gs'U'U'U" 'U'U'Ur,rr) rr8rrr"r:r6r7r&r$)r)rrYrrr=s r*combinezPublicKey.combineVs'.//2 L g'U'U@T @T'U'U'UWZ[fWgWgjkWk   ":CS// !  %DOK$,///r,c^|d|dkSNFro)rqrs r*rzPublicKey.__eq__ts){{e{,,  0N0NNNr,cHt|dSrrrqrfs r*rzPublicKey.__hash__wsDKK5K11222r,N)rrr"r)r r.r"rr1r$)rrhrrhr"rr1r$) r>r.r-r.r/rr"rr1r$)rrr"rr1r$)T)rprZr1r.)r1r)r>r.r-r.r/rr1rZr)rXr.rYrZr1r$)rrrYrZr1r$rr)rrrrr+rrr%rrrrrqrrr_rbrrrrr,r*r$r$SsCQ:;I....[.8AO....[.0;I ] ] ] ][ ]@F[i    [ 0KY....[.455555*MMMMIO     600000<00000.00000<OOOO333333r,r$c|eZdZdefddZeefdd Zeefdd ZddZddZ ddZ ddZ ddZ dS) r'FrrparityrZr"rct|ts||_nItjd}t j|j||}|sd}t|||_||_ ||_ dS)a\ Initializes a BIP340 `x-only` public key. Parameters: data (bytes): The formatted public key. parity: Whether the encoded point is the negation of the public key. context: The context to use. Raises: ValueError: If the public key could not be parsed or is invalid. secp256k1_xonly_pubkey *rN) rr.r&rr8rsecp256k1_xonly_pubkey_parser:r7rr")r)rrr"r&rr=s r*r+zPublicKeyXOnly.__init__|sw$&& )"DOO!;<r-ct|dkrd}t|tj|jj||t||j S)ao Verifies a Schnorr signature over a given message. Parameters: signature: The 64-byte Schnorr signature to verify. message: The message to be verified. Returns: A boolean indicating whether the signature is correct. Raises: ValueError: If the signature is not 64 bytes long. @z Signature must be 64 bytes long.)r6r7rrLr"r:r&)r)r>r-r=s r*rzPublicKeyXOnly.verifys] y>>R  4CS// !6 L i#g,,     r,rXNonecPt|}tjd}tj|jj||j|}|sd}t|tjd}tj |jj|j|||d |_ dS)a% Adds a scalar to the public key. Parameters: scalar: The scalar with which to add. Returns: The modified public key. Raises: ValueError: If the tweak was out of range or the resulting public key would be invalid. rzHThe tweak was out of range, or the resulting public key would be invalidrrN) rrr8r secp256k1_xonly_pubkey_tweak_addr"r:r&r7"secp256k1_xonly_pubkey_from_pubkeyr)r)rX out_pubkeyrOr=rs r* tweak_addzPublicKeyXOnly.tweak_addsF##W122 24<3CZQUQ`bhii "\CS// !GG$$  .t|/?R[]ghhh'l** r,cbtj|jj|j|j}|dkS)Nr)rsecp256k1_xonly_pubkey_cmpr"r:r&)r)rrOs r*rzPublicKeyXOnly.__eq__s*,T\-=tPUP`aaaxr,rhcDt|Srrrfs r*rzPublicKeyXOnly.__hash__sDKKMM"""r,N)rrrrZr"r)r r.r"rr1r'r)r>r.r-r.r1rZ)rXr.r1rrr) rrrrr+rrr%rqrrrrrr,r*r'r'{s?DYg4;IOOOO[O4AOOOOO[O4////&    ,++++2######r,r')( __future__rrGtypingrcoincurve._libsecp256k1rrcoincurve.contextrr coincurve.derr r coincurve.ecdsar r r rrcoincurve.flagsrrcoincurve.utilsrrrrrrrrrrcoincurve.typesrrrr$r'rr,r*rs"""""" ,,,,,,,,5555555500000000oooooooooooooo::::::::                        .--------t!t!t!t!t!t!t!t!n e3e3e3e3e3e3e3e3P X#X#X#X#X#X#X#X#X#X#r,