o e_>@sJddlmZddlZddlmZejr1ddlmZddlm Z m Z m Z m Z m Z eje e e e e fZdGd d ZdGddZdHddZ dIdJddZ dIdJddZ dIdKd"d#ZdLd$d%ZdJd&d'ZdJd(d)Zd*ZdZdMd+d,ZdNd.d/ZdHd0d1ZdOd5d6ZdPd8d9ZdQd:d;Z dRd=d>Z!dSd?d@Z"dTdAdBZ# dIdJdCdDZ$ dIdJdEdFZ%dS)U) annotationsN) InvalidTag)BackendAESCCMAESGCMAESOCB3AESSIVChaCha20Poly1305backendrcipher _AEADTypesreturnboolcCsddlm}|jjot||S)zz Checks whether the given cipher is supported through EVP_AEAD rather than the normal OpenSSL EVP_CIPHER API. rr )+cryptography.hazmat.primitives.ciphers.aeadr _libCryptography_HAS_EVP_AEAD isinstancer r r r\/var/www/html/venv/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/aead.py_is_evp_aead_supported_ciphers  rcCsTt||rdSt|}|jr||jvrdS|dr |jjdkS|j||jj kS)NTF-siv) r_evp_cipher_cipher_name _fips_enabled _fips_aeadendswithr#CRYPTOGRAPHY_OPENSSL_300_OR_GREATEREVP_get_cipherbyname_ffiNULL)r r cipher_namerrr_aead_cipher_supported(s    r$keybytescCs"t||r t|||St|||SN)r_evp_aead_create_ctx_evp_cipher_create_ctx)r r r%rrr_aead_create_ctx;s   r*noncedataassociated_datatyping.List[bytes] tag_lengthintctx typing.AnycC2t||rt|||||||St|||||||Sr')r_evp_aead_encrypt_evp_cipher_encryptr r r+r,r-r/r1rrr_encryptF r7cCr3r')r_evp_aead_decrypt_evp_cipher_decryptr6rrr_decryptYr8r;tag_lentyping.Optional[int]cCstt||}|dus J|j|}|dur|jjn|}|j||t||}|||jjk|j ||jj }|Sr') _evp_aead_get_cipherr! from_bufferrEVP_AEAD_DEFAULT_TAG_LENGTHCryptography_EVP_AEAD_CTX_newlenopenssl_assertr"gcEVP_AEAD_CTX_free)r r r%r< aead_cipherkey_ptrr1rrrr(ls    r(cCs$ddlm}t||s J|jS)Nrr)rr rrEVP_aead_chacha20_poly1305rrrrr>s  r>c Cs|dusJt||}|dusJ|jd}t||j|} |jd| } |j|} |j|} d|} |j| }|j|| || | t|| t||t|  }| |dk|j | |ddd}|S)Nsize_t * uint8_t[]rr) r>r!newrBrEVP_AEAD_max_overheadr?joinEVP_AEAD_CTX_sealrCbuffer)r r r+r,r-r/r1rFout_len max_out_lenout_bufdata_ptr nonce_ptraadaad_ptrresencrypted_datarrrr4s2        r4c Cst||krt|dusJ|jd}t|}|jd|} |j|} |j|} d|} |j| } |j|| ||| t|| t|| t|  }|dkrU|t|j | |ddd}|S)NrIrJrKr) rBrr!rLr?rNrEVP_AEAD_CTX_open_consume_errorsrP)r r r+r,r-r/r1rQrRrSrTrUrVrWrXdecrypted_datarrrr9s6        r9rcCsddlm}m}m}m}m}t||rdSt||r(dt|jdd dSt||r;dt|jdd dSt||rPdt|jdd d  dSt||sWJdt|jdd  dS) Nrrschacha20-poly1305zaes-z-ccmasciiz-ocbz-sivz-gcm) rrrrr r rrB_keyencode)r rrrr r rrrrs     rr#cCsl|dr%|j|jj||jj}|||jjk|j||jj}|S|j|}|||jjk|S)Nr) rrEVP_CIPHER_fetchr!r"rCrDEVP_CIPHER_freer )r#r evp_cipherrrr _evp_ciphers  recCs||j}|||jjk|j||jj}t|}t||}|j |}|j |||jj||jjd}||dk|SNr) rEVP_CIPHER_CTX_newrCr!r"rDEVP_CIPHER_CTX_freerrer?EVP_CipherInit_ex)r r r%r1r#rdrGrXrrrr) s   r)tagtyping.Optional[bytes] operationc Cs.t||}|j}|j||jj}|j|||jj|jj|jjt|t k} | | dk|j ||jj t ||jj} | | dk|tkrV|dusOJt|||n|dro|j ||jj||jj} | | dk|j|} |j|} |j||jj|jj| | t|t k} | | dk|S)Nrs-ccm)rerrgr!rDrhrir"r0_ENCRYPTrCEVP_CIPHER_CTX_ctrlEVP_CTRL_AEAD_SET_IVLENrB_DECRYPT_evp_cipher_set_tagrEVP_CTRL_AEAD_SET_TAGr?) r r#r%r+rjr<rlrdr1rXrUrGrrr_evp_cipher_aead_setup"sT       rsNonecCs8|j|}|j||jjt||}||dkdSrf)r!r?rrnrrrBrC)r r1rjtag_ptrrXrrrrqYs rqc CsH|j|}|j||jj|jj|jj|t|tk}||dkdSrf)r!r?rrir"r0rmrC)r r1r+rlrUrXrrr_evp_cipher_set_nonce_operationas  rvdata_lencCs:|jd}|j||jj||jj|}||dkdSNint *r)r!rLrEVP_CipherUpdater"rC)r r1rwintptrrXrrr_evp_cipher_set_lengthps r|cCsF|jd}|j|}|j||jj||t|}||dkdSrx)r!rLr?rrzr"rBrC)r r1r-outlen a_data_ptrrXrrr_evp_cipher_process_aadxs  rcCsp|jd}|jdt|}|j|}|j||||t|}|dkr+|t|j||dddS)Nryunsigned char[]r) r!rLrBr?rrzr[rrP)r r1r,r}bufrTrXrrr_evp_cipher_process_datas  rcCsJddlm}m}|durt|} t|| |j|d|t}nt|||tt||r0t ||t ||D]} t ||| q2t |||} |j d} |j dd} |j|| | }||dk| |j | | ddd7} |j d|}|j||jj||}||dk|j |dd}t||r|t |dk|| S| |S)Nrrr ryr)rrr rrsr`rmrvrr|rBrrr!rLrEVP_CipherFinal_exrCrPrnEVP_CTRL_AEAD_GET_TAG)r r r+r,r-r/r1rr r#adprocessed_datar}rrXtag_bufrjrrrr5sB      r5cCsddlm}m}t||krtt||r"|d|} ||d}n|| d} |d| }|durDt|} t|| |j|| |t }n t |||t t ||| t||r^t ||t||D]} t ||| q`t||r|jd} |jdt|} |j|}|j|| | |t|}|dkr|t|j| | ddd}|St|||}|jd} |jdd} |j|| | }||j| | ddd7}|dkr|t|S)Nrrryrrr)rrr rBrrrrsr`rprvrqr|rr!rLr?rrzr[rPrr)r r r+r,r-r/r1rr rjr#rr}rd_ptrrXrrrrr:sX         r:)r rr r rr)r rr r r%r&r')r rr r r+r&r,r&r-r.r/r0r1r2rr&)r rr r r%r&r<r=)r rr r )r r rr&)r#r&r r)r rr#r&r%r&r+r&rjrkr<r0rlr0)rjr&rrt)r+r&rlr0rrt)r rrwr0rrt)r rr-r&rrt)r rr,r&rr&)& __future__rtypingcryptography.exceptionsr TYPE_CHECKING,cryptography.hazmat.backends.openssl.backendrrrrrr r Unionr rr$r*r7r;r(r>r4r9rmrprrer)rsrqrvr|rrr5r:rrrrsH           ),     7     B