B \Úæ`È"ã@sddlmZmZmZddlmZddlmZmZm Z ddl m Z ddl m Z e e j¡e e j¡e e j¡e e j¡Gdd„deƒƒƒƒƒZdS) é)Úabsolute_importÚdivisionÚprint_function)Úutils)Ú InvalidTagÚUnsupportedAlgorithmÚ_Reasons)Úciphers)Úmodesc@sNeZdZdZdZdd„Zdd„Zdd„Zd d „Zd d „Z d d„Z e   d¡Z dS)Ú_CipherContextérc CsÀ||_||_||_||_d|_t|jtjƒr<|jjd|_ nd|_ |jj   ¡}|jj   ||jj j¡}|jj}y|t|ƒt|ƒf}Wn4tk r¸td |j|r¨|jn|¡tjƒ‚YnX||j||ƒ}||jj jkrötd |j|rê|jn|¡tjƒ‚t|tjƒr |j} nLt|tjƒr"|j} n6t|tjƒr8|j} n t|tjƒrN|j} n |jj j} |jj  |||jj j|jj j|jj j|¡} |j  | dk¡|jj  !|t"|j#ƒ¡} |j  | dk¡t|tj$ƒrp|jj  %||jj j&t"| ƒ|jj j¡} |j  | dk¡|j'dk rB|jj  %||jj j(t"|j'ƒ|j'¡} |j  | dk¡|j'|_n.|j|j)krp|jj j*rp|jj j+spt,dƒ‚|jj  ||jj j|jj j|j#| |¡} |j  | dk¡|jj  -|d¡||_.dS)Nér z8cipher {0} in {1} mode is not supported by this backend.rz_delayed passing of GCM tag requires OpenSSL >= 1.0.2. To use this feature please update OpenSSL)/Ú_backendZ_cipherÚ_modeÚ _operationÚ_tagÚ isinstancer ZBlockCipherAlgorithmZ block_sizeÚ_block_size_bytesÚ_libZEVP_CIPHER_CTX_newÚ_ffiZgcZEVP_CIPHER_CTX_freeZ_cipher_registryÚtypeÚKeyErrorrÚformatÚnamerZUNSUPPORTED_CIPHERÚNULLr ZModeWithInitializationVectorZinitialization_vectorZ ModeWithTweakZtweakZ ModeWithNonceZnonceZEVP_CipherInit_exÚopenssl_assertZEVP_CIPHER_CTX_set_key_lengthÚlenÚkeyÚGCMÚEVP_CIPHER_CTX_ctrlZEVP_CTRL_AEAD_SET_IVLENÚtagÚEVP_CTRL_AEAD_SET_TAGÚ_DECRYPTÚ"CRYPTOGRAPHY_OPENSSL_LESS_THAN_102ÚCRYPTOGRAPHY_IS_LIBRESSLÚNotImplementedErrorZEVP_CIPHER_CTX_set_paddingÚ_ctx) ÚselfZbackendZcipherÚmodeZ operationZctxÚregistryZadapterZ evp_cipherZiv_nonceÚres©r+ú_/opt/alt/python37/lib64/python3.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.pyÚ__init__sŠ         z_CipherContext.__init__cCs2tt|ƒ|jdƒ}| ||¡}t|d|…ƒS)Nr )Ú bytearrayrrÚ update_intoÚbytes)r'ÚdataÚbufÚnr+r+r,Úupdatevs z_CipherContext.updatecCs’t|ƒt|ƒ|jdkr6td t|ƒ|jd¡ƒ‚|jj d|jj |¡¡}|jj d¡}|jj   |j |||t|ƒ¡}|j  |dk¡|dS)Nr z2buffer must be at least {0} bytes for this payloadzunsigned char *zint *r) rrÚ ValueErrorrrrÚcastZ from_bufferÚnewrÚEVP_CipherUpdater&r)r'r1r2Úoutlenr*r+r+r,r/{s z_CipherContext.update_intocCs|t|jtjƒr| d¡|j|jkrDt|jtjƒrD|jdkrDt dƒ‚|j j   d|j ¡}|j j   d¡}|j j |j||¡}|dkrÌ|j  ¡}|s t|jtjƒr t‚|j  |d |j jj|j jj¡¡t dƒ‚t|jtjƒrB|j|jkrB|j j   d|j ¡}|j j |j|j jj|j |¡}|j  |dk¡|j j  |¡dd…|_|j j |j¡}|j  |dk¡|j j  |¡d|d…S)Nóz4Authentication tag must be provided when decrypting.zunsigned char[]zint *rzFThe length of the provided data is not a multiple of the block length.r )rrr rr4rr"ZModeWithAuthenticationTagr r5rrr7rrZEVP_CipherFinal_exr&Z_consume_errorsrrZ_lib_reason_matchZ ERR_LIB_EVPZ'EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTHÚ_ENCRYPTrZEVP_CTRL_AEAD_GET_TAGÚbufferrZEVP_CIPHER_CTX_cleanup)r'r2r9r*ÚerrorsZtag_bufr+r+r,Úfinalize‹s@       z_CipherContext.finalizecCs||jjjr|jjjstdƒ‚t|ƒ|jjkr>td  |jj¡ƒ‚|jj  |j |jjj t|ƒ|¡}|j  |dk¡||_| ¡S)NzUfinalize_with_tag requires OpenSSL >= 1.0.2. To use this method please update OpenSSLz/Authentication tag must be {0} bytes or longer.r)rrr#r$r%rrZ_min_tag_lengthr5rrr&r!rrr>)r'r r*r+r+r,Úfinalize_with_tagÁs     z _CipherContext.finalize_with_tagcCsD|jj d¡}|jj |j|jjj||t|ƒ¡}|j |dk¡dS)Nzint *r) rrr7rr8r&rrr)r'r1r9r*r+r+r,Úauthenticate_additional_data×sz+_CipherContext.authenticate_additional_datarN)Ú__name__Ú __module__Ú __qualname__r;r"r-r4r/r>r?r@rZread_only_propertyr r+r+r+r,r sa6r N)Z __future__rrrZ cryptographyrZcryptography.exceptionsrrrZcryptography.hazmat.primitivesr Z&cryptography.hazmat.primitives.ciphersr Zregister_interfaceZ CipherContextZAEADCipherContextZAEADEncryptionContextZAEADDecryptionContextÚobjectr r+r+r+r,Ús