3 Te!@sddlmZmZmZddlmZddlmZmZm Z ddl m Z ddl m Z eje jeje jeje jeje jGdddeZdS) )absolute_importdivisionprint_function)utils) InvalidTagUnsupportedAlgorithm_Reasons)ciphers)modesc@sReZdZdZdZdZddZddZd d Zd d Z d dZ ddZ e j dZdS)_CipherContextrc Cs||_||_||_||_d|_t|jtjr<|jjd|_ nd|_ |jj j }|jj j ||jj j}|jj}y|t|t|f}Wn4tk rtdj|j|r|jn|tjYnX||j||}||jj jkrdj|} |dk r| dj|7} | dj|jj7} t| tjt|tjr8|jj j|j} njt|tjrX|jj j|j} nJt|tjrx|jj j|j } n*t|tjr|jj j|j } n |jj j} |jj j!|||jj j|jj j|jj j|} |jj"| dk|jj j#|t$|j%} |jj"| dkt|tj&r|jj j'||jj j(t$| |jj j} |jj"| dk|j)dk r|jj j'||jj j*t$|j)|j)} |jj"| dk|j)|_|jj j!||jj j|jj j|jj j|j%| |} |jj"| dk|jj j+|d||_,dS)Nr z6cipher {} in {} mode is not supported by this backend.zcipher {0.name} zin {0.name} mode z_is not supported by this backend (Your version of OpenSSL may be too old. Current version: {}.)r)-_backendZ_cipher_mode _operation_tag isinstancer ZBlockCipherAlgorithmZ block_size_block_size_bytes_libZEVP_CIPHER_CTX_new_ffigcZEVP_CIPHER_CTX_freeZ_cipher_registrytypeKeyErrorrformatnamerZUNSUPPORTED_CIPHERNULLZopenssl_version_textr ZModeWithInitializationVector from_bufferZinitialization_vectorZ ModeWithTweakZtweakZ ModeWithNonceZnonceZEVP_CipherInit_exopenssl_assertZEVP_CIPHER_CTX_set_key_lengthlenkeyGCMEVP_CIPHER_CTX_ctrlZEVP_CTRL_AEAD_SET_IVLENtagEVP_CTRL_AEAD_SET_TAGZEVP_CIPHER_CTX_set_padding_ctx) selfZbackendZciphermodeZ operationZctxregistryZadapterZ evp_ciphermsgZiv_nonceresr,/usr/lib64/python3.6/ciphers.py__init__s       z_CipherContext.__init__cCs2tt||jd}|j||}t|d|S)Nr ) bytearrayr r update_intobytes)r'databufnr,r,r-updatezs z_CipherContext.updatec Cst|}t|||jdkr:tdjt||jdd}d}|jjjd}|jjj|dd}|jjj|}xh||kr||} ||} t|j ||} |jj j |j | || | } |jj | dk|| 7}||d7}qrW|S)Nr z1buffer must be at least {} bytes for this payloadrzint *T)Zrequire_writable)r r ValueErrorrrrnewrmin_MAX_CHUNK_SIZErEVP_CipherUpdater&r) r'r2r3Ztotal_data_lenZdata_processedZ total_outoutlenZ baseoutbufZ baseinbufZoutbufZinbufZinlenr+r,r,r-r0s( z_CipherContext.update_intocCsh|j|jkr,t|jtjr,|jdkr,td|jj j d|j }|jj j d}|jj j |j||}|dkr|jj}| rt|jtjrt|jj|dj|jj j|jj j|dtdt|jtjo|j|jkr.|jj j d|j }|jj j|j|jj j|j |}|jj|dk|jj j|dd|_|jj j|j}|jj|dk|jj j|d|dS)Nz4Authentication tag must be provided when decrypting.zunsigned char[]zint *r)errorszFThe length of the provided data is not a multiple of the block length.r )r_DECRYPTrrr ZModeWithAuthenticationTagr$r6rrr7rrZEVP_CipherFinal_exr&Z_consume_errorsr"rrZ_lib_reason_matchZ ERR_LIB_EVPZ'EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH_ENCRYPTr#ZEVP_CTRL_AEAD_GET_TAGbufferrZEVP_CIPHER_CTX_cleanup)r'r3r;r+r<Ztag_bufr,r,r-finalizesB     z_CipherContext.finalizecCs`t||jjkr"tdj|jj|jjj|j|jjj t||}|jj |dk||_ |j S)Nz.Authentication tag must be {} bytes or longer.r) r rZ_min_tag_lengthr6rrrr#r&r%rrr@)r'r$r+r,r,r-finalize_with_tags z _CipherContext.finalize_with_tagcCsN|jjjd}|jjj|j|jjj||jjj|t|}|jj |dkdS)Nzint *r) rrr7rr:r&rrr r)r'r2r;r+r,r,r-authenticate_additional_datas  z+_CipherContext.authenticate_additional_datarNi@i?)__name__ __module__ __qualname__r>r=r9r.r5r0r@rArBrZread_only_propertyr$r,r,r,r-r sd3 r N)Z __future__rrrZ cryptographyrZcryptography.exceptionsrrrZcryptography.hazmat.primitivesr Z&cryptography.hazmat.primitives.ciphersr Zregister_interfaceZ CipherContextZAEADCipherContextZAEADEncryptionContextZAEADDecryptionContextobjectr r,r,r,r-s