3 K^b$@sddlmZmZmZddlmZddlmZmZm Z ddl m Z ddl m Z eje jeje jeje jeje jGdddeZdS) )absolute_importdivisionprint_function)utils) InvalidTagUnsupportedAlgorithm_Reasons)ciphers)modesc@sNeZdZdZdZddZddZddZd d Zd d Z d dZ e j dZ dS)_CipherContextrc Cs||_||_||_||_d|_t|jtjr<|jjd|_ nd|_ |jj j }|jj j ||jj j}|jj}y|t|t|f}Wn4tk rtdj|j|r|jn|tjYnX||j||}||jj jkrdj|} |dk r| dj|7} | dj|jj7} t| tjt|tjr8|jj j|j} njt|tjrX|jj j|j} nJt|tjrx|jj j|j } n*t|tjr|jj j|j } n |jj j} |jj j!|||jj j|jj j|jj j|} |jj"| dk|jj j#|t$|j%} |jj"| dkt|tj&r|jj j'||jj j(t$| |jj j} |jj"| dk|j)dk r|jj j'||jj j*t$|j)|j)} |jj"| dk|j)|_n0|j|j+kr|jj j,r|jj j- rt.d|jj j!||jj j|jj j|jj j|j%| |} |jj"| dk|jj j/|d||_0dS) Nr z6cipher {} in {} mode is not supported by this backend.zcipher {0.name} zin {0.name} mode z_is not supported by this backend (Your version of OpenSSL may be too old. Current version: {}.)rz_delayed passing of GCM tag requires OpenSSL >= 1.0.2. To use this feature please update OpenSSL)1_backendZ_cipher_mode _operation_tag isinstancer ZBlockCipherAlgorithm block_size_block_size_bytes_libZEVP_CIPHER_CTX_new_ffigcZEVP_CIPHER_CTX_freeZ_cipher_registrytypeKeyErrorrformatnamerZUNSUPPORTED_CIPHERNULLZopenssl_version_textr ZModeWithInitializationVector from_bufferZinitialization_vectorZ ModeWithTweakZtweakZ ModeWithNoncenonceZEVP_CipherInit_exopenssl_assertZEVP_CIPHER_CTX_set_key_lengthlenkeyGCMEVP_CIPHER_CTX_ctrlZEVP_CTRL_AEAD_SET_IVLENtagEVP_CTRL_AEAD_SET_TAG_DECRYPT"CRYPTOGRAPHY_OPENSSL_LESS_THAN_102CRYPTOGRAPHY_IS_LIBRESSLNotImplementedErrorZEVP_CIPHER_CTX_set_padding_ctx) selfbackendciphermodeZ operationctxregistryadapterZ evp_ciphermsgZiv_nonceresr4P/tmp/pip-unpacked-wheel-vvkwn1hz/cryptography/hazmat/backends/openssl/ciphers.py__init__s           z_CipherContext.__init__cCs2tt||jd}|j||}t|d|S)Nr ) bytearrayr r update_intobytes)r+databufnr4r4r5updatezs z_CipherContext.updatecCst|t||jdkr6tdjt||jd|jjjd|jjj|}|jjjd}|jj j |j |||jjj|t|}|jj |dk|dS)Nr z1buffer must be at least {} bytes for this payloadzunsigned char *zint *r) r r ValueErrorrrrcastrnewrEVP_CipherUpdater*r)r+r:r;outlenr3r4r4r5r8sz_CipherContext.update_intocCs|t|jtjr|jd|j|jkrDt|jtjrD|jdkrDt d|j j j d|j }|j j j d}|j jj|j||}|dkr|j j}| rt|jtjrt|j j|dj|j jj|j jjt dt|jtjo|j|jkrB|j j j d|j }|j jj|j|j jj|j |}|j j|dk|j j j|dd|_|j jj|j}|j j|dk|j j j|d|dS)Nz4Authentication tag must be provided when decrypting.zunsigned char[]zint *rzFThe length of the provided data is not a multiple of the block length.r )rrr r"r=rr&ZModeWithAuthenticationTagr$r>rrr@rrZEVP_CipherFinal_exr*Z_consume_errorsrrZ_lib_reason_matchZ ERR_LIB_EVPZ'EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH_ENCRYPTr#ZEVP_CTRL_AEAD_GET_TAGbufferrZEVP_CIPHER_CTX_cleanup)r+r;rBr3errorsZtag_bufr4r4r5finalizes@       z_CipherContext.finalizecCs~|jjjr|jjj rtdt||jjkr@tdj |jj|jjj |j |jjj t||}|jj |dk||_|jS)NzUfinalize_with_tag requires OpenSSL >= 1.0.2. To use this method please update OpenSSLz.Authentication tag must be {} bytes or longer.r)rrr'r(r)r rZ_min_tag_lengthr>rr#r*r%rrrG)r+r$r3r4r4r5finalize_with_tags     z _CipherContext.finalize_with_tagcCsN|jjjd}|jjj|j|jjj||jjj|t|}|jj |dkdS)Nzint *r) rrr@rrAr*rrr r)r+r:rBr3r4r4r5authenticate_additional_datas z+_CipherContext.authenticate_additional_datarN)__name__ __module__ __qualname__rDr&r6r=r8rGrHrIrZread_only_propertyr$r4r4r4r5r se6r N) __future__rrrZ cryptographyrZcryptography.exceptionsrrrZcryptography.hazmat.primitivesr Z&cryptography.hazmat.primitives.ciphersr Zregister_interfaceZ CipherContextZAEADCipherContextZAEADEncryptionContextZAEADDecryptionContextobjectr r4r4r4r5s