from typing import Dict, Optional, Tuple, Type, Union
+import dns._features
import dns.name
from dns.dnssecalgs.base import GenericPrivateKey
from dns.dnssectypes import Algorithm
from dns.exception import UnsupportedAlgorithm
from dns.rdtypes.ANY.DNSKEY import DNSKEY
+# pyright: reportPossiblyUnboundVariable=false
+
if dns._features.have("dnssec"):
from dns.dnssecalgs.dsa import PrivateDSA, PrivateDSANSEC3SHA1
from dns.dnssecalgs.ecdsa import PrivateECDSAP256SHA256, PrivateECDSAP384SHA384
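Review bot: The added `# pyright: reportPossiblyUnboundVariable=false` switches the check off for the whole module, not only for the names imported under `if dns._features.have("dnssec"):`. Any later use of an algorithm class outside that guard would then pass type checking and surface only as a NameError at runtime, in the code that selects DNSSEC signing algorithms. The rest of the module is outside this hunk, so this may already be safe; if it is, say so next to the directive, e.g. `# Names imported under the dnssec feature guard are only used behind the same guard.` The stricter alternative is to keep the check on and give the names a fallback binding in an `else:` branch.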
class CryptographyPrivateKey(GenericPrivateKey):
key: Any = None
key_cls: Any = None
- public_cls: Type[CryptographyPublicKey]
+ public_cls: Type[CryptographyPublicKey] # pyright: ignore
def __init__(self, key: Any) -> None: # pylint: disable=super-init-not-called
if self.key_cls is None:
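Review bot: The `# pyright: ignore` added on `public_cls: Type[CryptographyPublicKey]` names no rule, so it silences every diagnostic on that line, and the same bare form is repeated in the later hunks on the `self.key.sign(...)` calls (DSA and RSA), the `ec.ECDSA(...)`, `int.to_bytes(...)` and `ec.generate_private_key(...)` arguments (ECDSA), and `PrivateEDDSA.public_cls`. This commit also removes `dns/dnssecalgs/*.py` from the pyright exclude list, and blanket ignores on the signing paths give back much of what that buys: a wrong hash or length argument introduced later on one of those lines would go unreported. Prefer the rule-scoped form, presumably `# pyright: ignore[reportIncompatibleVariableOverride]` on the `public_cls` annotations and `# pyright: ignore[reportAttributeAccessIssue]` on the `chosen_hash`/`octets`/`curve` accesses (confirm the rule names against the actual pyright output). Declaring those attributes on the public-key base class would remove the need for the ignores altogether. `__init__` continues past the end of this hunk.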
public_dsa_key = self.key.public_key()
if public_dsa_key.key_size > 1024:
raise ValueError("DSA key size overflow")
- der_signature = self.key.sign(data, self.public_cls.chosen_hash)
+ der_signature = self.key.sign(
+ data, self.public_cls.chosen_hash # pyright: ignore
+ )
dsa_r, dsa_s = utils.decode_dss_signature(der_signature)
dsa_t = (public_dsa_key.key_size // 8 - 64) // 8
octets = 20
) -> bytes:
"""Sign using a private key per RFC 6605, section 4."""
algorithm = ec.ECDSA(
- self.public_cls.chosen_hash, deterministic_signing=deterministic
+ self.public_cls.chosen_hash, # pyright: ignore
+ deterministic_signing=deterministic,
)
der_signature = self.key.sign(data, algorithm)
dsa_r, dsa_s = utils.decode_dss_signature(der_signature)
signature = int.to_bytes(
- dsa_r, length=self.public_cls.octets, byteorder="big"
- ) + int.to_bytes(dsa_s, length=self.public_cls.octets, byteorder="big")
+ dsa_r, length=self.public_cls.octets, byteorder="big" # pyright: ignore
+ ) + int.to_bytes(
+ dsa_s, length=self.public_cls.octets, byteorder="big" # pyright: ignore
+ )
if verify:
self.public_key().verify(signature, data)
return signature
def generate(cls) -> "PrivateECDSA":
return cls(
key=ec.generate_private_key(
- curve=cls.public_cls.curve, backend=default_backend()
+ curve=cls.public_cls.curve, backend=default_backend() # pyright: ignore
),
)
class PrivateEDDSA(CryptographyPrivateKey):
- public_cls: Type[PublicEDDSA]
+ public_cls: Type[PublicEDDSA] # pyright: ignore
def sign(
self,
deterministic: bool = True,
) -> bytes:
"""Sign using a private key per RFC 3110, section 3."""
- signature = self.key.sign(data, padding.PKCS1v15(), self.public_cls.chosen_hash)
+ signature = self.key.sign(
+ data, padding.PKCS1v15(), self.public_cls.chosen_hash # pyright: ignore
+ )
if verify:
self.public_key().verify(signature, data)
return signature
reportUnsupportedDunderAll = false
exclude = [
"dns/_*_backend.py",
- "dns/dnssecalgs/*.py",
"dns/quic/*.py",
"examples/*.py",
"tests/*.py",