3Tf 6ddlmZddlZddlZddlmZddlmZmZddl m Z m Z ddl m Z Gddej ZGd d eej ZGd d eej ZGddeej ZGddeej Zd&dZ d'dZ d(dZ d)dZGddeZGddeZGddeZGddeZGddeZGd d!eZGd"d#eZGd$d%eeZy)*) annotationsN)utils)UnsupportedAlgorithm_Reasons)BlockCipherAlgorithmCipherAlgorithm) algorithmscbeZdZeej ddZej ddZy)Modecy)z@ A string naming this mode (e.g. "ECB", "CBC"). Nselfs N/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/ciphers/modes.pynamez Mode.namecy)zq Checks that all the necessary invariants of this (mode, algorithm) combination are met. Nr r algorithms rvalidate_for_algorithmzMode.validate_for_algorithmrrN)returnstrrrrNone)__name__ __module__ __qualname__propertyabcabstractmethodrrr rrr r s<      rr ) metaclassc<eZdZeej ddZy)ModeWithInitializationVectorcy)zP The value of the initialization vector for this mode as bytes. Nr rs rinitialization_vectorz2ModeWithInitializationVector.initialization_vector$rrNrbytes)rrrrr r!r&r rrr$r$#"   rr$c<eZdZeej ddZy) ModeWithTweakcy)z@ The value of the tweak for this mode as bytes. Nr rs rtweakzModeWithTweak.tweak-rrNr')rrrrr r!r-r rrr+r+,r)rr+c<eZdZeej ddZy) ModeWithNoncecy)z@ The value of the nonce for this mode as bytes. Nr rs rnoncezModeWithNonce.nonce6rrNr')rrrrr r!r1r rrr/r/5r)rr/c<eZdZeej ddZy)ModeWithAuthenticationTagcy)zP The value of the tag supplied to the constructor of this mode. Nr rs rtagzModeWithAuthenticationTag.tag?rrNrtyping.Optional[bytes])rrrrr r!r5r rrr3r3>r)rr3cX|jdkDr|jdk(r tdyy)NAESz=Only 128, 192, and 256 bit keys are allowed for this AES mode)key_sizer ValueErrorrs r_check_aes_key_lengthr=Gs3CINNe$; K  %<rct|jdz|jk7r8tdj t|j|j y)NzInvalid IV size ({}) for {}.)lenr& block_sizer<formatrrs r_check_iv_lengthrCNsW 4 % %&*i.B.BB * 1 1D../   Crct|tst|dtjt |dz|j k7rtdt |d|dy)N" requires a block cipher algorithmr?zInvalid nonce size (z) for .) isinstancerrrUNSUPPORTED_CIPHERr@rAr<)r1rrs r_check_nonce_lengthrIYsl i!5 6"f6 7  ' '   5zA~---/E |6$qIJJ.rct|tst|dtjt ||t ||y)NrE)rGrrrrHr=rCrs r_check_iv_and_key_lengthrKesF i!5 6"f6 7  ' '  $ *T9%rc.eZdZdZddZeddZeZy)CBCc>tjd|||_yNr&r_check_byteslike_initialization_vectorrr&s r__init__z CBC.__init__t 68MN&;#rc|jSNrRrs rr&zCBC.initialization_vectorx***rNr&r(r' rrrrrTrr&rKrr rrrMrMq( D<++6rrMc2eZdZdZddZeddZddZy)XTScptjd|t|dk7r td||_y)Nr-z!tweak must be 128-bits (16 bytes))rrQr@r<_tweak)rr-s rrTz XTS.__init__s1 w. u: @A A rc|jSrW)rars rr-z XTS.tweak {{rct|tjtjfr t d|j dvr t dy)Nz\The AES128 and AES256 classes do not support XTS, please use the standard AES class instead.)r9iz\The XTS specification requires a 256-bit key for AES-128-XTS and 512-bit key for AES-256-XTS)rGr AES128AES256 TypeErrorr;r<rs rrzXTS.validate_for_algorithmsV i*"3"3Z5F5F!G H2    Z /3  0rN)r-r(r'r)rrrrrTrr-rr rrr^r^s% D rr^ceZdZdZeZy)ECBN)rrrrr=rr rrriris D2rric.eZdZdZddZeddZeZy)OFBc>tjd|||_yrOrPrSs rrTz OFB.__init__rUrc|jSrWrXrs rr&zOFB.initialization_vectorrYrNrZr'r[r rrrkrkr\rrkc.eZdZdZddZeddZeZy)CFBc>tjd|||_yrOrPrSs rrTz CFB.__init__rUrc|jSrWrXrs rr&zCFB.initialization_vectorrYrNrZr'r[r rrroror\rroc.eZdZdZddZeddZeZy)CFB8c>tjd|||_yrOrPrSs rrTz CFB8.__init__rUrc|jSrWrXrs rr&zCFB8.initialization_vectorrYrNrZr'r[r rrrsrss( D<++6rrsc2eZdZdZddZeddZddZy)CTRc>tjd|||_y)Nr1)rrQ_nonce)rr1s rrTz CTR.__init__s w. rc|jSrW)ryrs rr1z CTR.noncercrc^t||t|j|j|yrW)r=rIr1rrs rrzCTR.validate_for_algorithms dI.DJJ 9=rN)r1r(r'r)rrrrrTrr1rr rrrwrws% D>rrwc\eZdZdZdZdZ d d dZed dZed dZ d dZ y) GCMl?lNcHtjd|t|dkst|dkDr td||_|Ntj d||dkr tdt||krtdj |||_||_y) Nr&r?zIinitialization_vector must be between 8 and 128 bytes (64 and 1024 bits).r5zmin_tag_length must be >= 4z.Authentication tag must be {} bytes or longer.) rrQr@r<rR _check_bytesrB_tag_min_tag_length)rr&r5min_tag_lengths rrTz GCM.__init__s 68MN $ % )S1F-G#-M" '<# ?   uc *! !>??3x.( DKK&  -rc|jSrW)rrs rr5zGCM.tags yyrc|jSrWrXrs rr&zGCM.initialization_vectorrYrc t||t|tstdtj |j dz}|j3t|j|kDrtdj|yy)Nz%GCM requires a block cipher algorithmr?z0Authentication tag cannot be more than {} bytes.) r=rGrrrrHrArr@r<rB)rrblock_size_bytess rrzGCM.validate_for_algorithmsdI.)%9:&7++ %//14 99 S^6F%FBII$ &G r)Nr`)r&r(r5r7rintr6r'r) rrrr_MAX_ENCRYPTED_BYTES_MAX_AAD_BYTESrTrr5r&rr rrr}r}sh D-!N '+ .$.$. .8++ rr})rr rrrr)rr$rrrr)r1r(rrrrrr)rr$rrrr) __future__rr typing cryptographyrcryptography.exceptionsrr/cryptography.hazmat.primitives._cipheralgorithmrr&cryptography.hazmat.primitives.ciphersr ABCMetar r$r+r/r3r=rCrIrKrMr^rirkrorsrwr}r rrrsI # B>  S[[   43;;  DCKK  DCKK      & 3G    K  K K(7 K  K & & &3B &  & 6 & 6-:3$3 6 & 6 6 & 6 6 ' 6 >- > 6 &(A6r