o ev(@shddlmZddlZddlmZmZmZddlmZddl m Z m Z ej r+ddl mZGdddZdS) ) annotationsN) InvalidTagUnsupportedAlgorithm_Reasons)ciphers) algorithmsmodes)Backendc@sbeZdZdZdZdZdd d ZdddZd ddZd!ddZ d"ddZ d#ddZ e d$ddZ dS)%_CipherContextri?backendr operationintreturnNonecCs@||_||_||_||_d|_t|jtjr|jjd|_ nd|_ |jj }|jj ||jj j}|jj}z |t|t|f}WntyYtd|j|rS|jn|tjw||j||}||jj jkrd|jd} |dur|| d|jd7} | d|j7} t| tjt|tjr|jj |j} n2t|tjr|jj |j} n#t|tjr|jj |j } nt|t!j"r|jj |j } n|jj j} |jj #|||jj j|jj j|jj j|} |j$| d k|jj %|t&|j'} |j$| d kt|tj(rA|jj )||jj j*t&| |jj j} |j$| d k|j+durA|jj )||jj j,t&|j+|j+} |j$| d k|j+|_|jj #||jj j|jj j|jj |j'| |} |j-} |jj } | d kr| j.sv| d /| j0| j1s| j2r| d /| j3| j4rt5d |jj$| d k| d |jj 6|d ||_7dS) Nr z6cipher {} in {} mode is not supported by this backend.zcipher  zin z mode z_is not supported by this backend (Your version of OpenSSL may be too old. Current version: {}.)rz+In XTS mode duplicated keys are not allowederrors)8_backend_cipher_mode _operation_tag isinstancerBlockCipherAlgorithm block_size_block_size_bytes_libEVP_CIPHER_CTX_new_ffigcEVP_CIPHER_CTX_free_cipher_registrytypeKeyErrorrformatnamerUNSUPPORTED_CIPHERNULLopenssl_version_textrModeWithInitializationVector from_bufferinitialization_vector ModeWithTweaktweak ModeWithNoncenoncerChaCha20EVP_CipherInit_exopenssl_assertEVP_CIPHER_CTX_set_key_lengthlenkeyGCMEVP_CIPHER_CTX_ctrlEVP_CTRL_AEAD_SET_IVLENtagEVP_CTRL_AEAD_SET_TAG_consume_errorsCRYPTOGRAPHY_IS_LIBRESSL_lib_reason_match ERR_LIB_EVPEVP_R_XTS_DUPLICATED_KEYSCryptography_HAS_PROVIDERS ERR_LIB_PROVPROV_R_XTS_DUPLICATED_KEYS ValueErrorEVP_CIPHER_CTX_set_padding_ctx)selfr ciphermoder ctxregistryadapter evp_ciphermsgiv_nonceresrlibrS_/var/www/html/venv/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/ciphers.py__init__s                 z_CipherContext.__init__databytescCs2tt||jd}|||}t|d|S)Nr ) bytearrayr6r update_intorW)rHrVbufnrSrSrTupdates z_CipherContext.updaterZc Cst|}t|||jdkrtdt||jdd}d}|jjd}|jjj|dd}|jj|}||kr||} ||} t|j ||} |jj |j | || | } | dkrlt |jtjrl|jtd|j| dk|| 7}||d7}||ks<|S)Nr z1buffer must be at least {} bytes for this payloadrint *T)require_writablezeIn XTS mode you must supply at least a full block in the first update call. For AES this is 16 bytes.)r6rrEr&rr newr,min_MAX_CHUNK_SIZErEVP_CipherUpdaterGrrrXTSr=r4) rHrVrZtotal_data_lendata_processed total_outoutlen baseoutbuf baseinbufoutbufinbufinlenrQrSrSrTrYs8   z_CipherContext.update_intocCs|j|jkrt|jtjr|jdurtd|jj d|j }|jj d}|jj |j||}|dkrt|j}|sDt|jtjrDt|jj }|jj|d|j|jpl|joa|d|j|jpl|jol|dj|jk|dtdt|jtjr|j|jkr|jj d|j }|jj |j|jj j|j |}|j|dk|jj |dd|_ |jj !|j}|j|dk|jj |d|dS)Nz4Authentication tag must be provided when decrypting.zunsigned char[]r]rrzFThe length of the provided data is not a multiple of the block length.r )"r_DECRYPTrrrModeWithAuthenticationTagr;rErr r_rrEVP_CipherFinal_exrGr=r8rr4r?r@'EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTHrBrCPROV_R_WRONG_FINAL_BLOCK_LENGTHCRYPTOGRAPHY_IS_BORINGSSLreason*CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH_ENCRYPTr9EVP_CTRL_AEAD_GET_TAGbufferrEVP_CIPHER_CTX_reset)rHrZrgrQrrRtag_bufrSrSrTfinalizesh       z_CipherContext.finalizer;cCs~t|}||jjkrtd|jj||jkr td|j|jj|j |jjj t||}|j |dk||_ | S)Nz.Authentication tag must be {} bytes or longer.z0Authentication tag cannot be more than {} bytes.r)r6r_min_tag_lengthrEr&rrrr9rGr<r4rrz)rHr;tag_lenrQrSrSrTfinalize_with_tags&  z _CipherContext.finalize_with_tagcCsN|jjd}|jj|j|jjj||jj|t|}|j |dkdS)Nr]r) rr r_rrbrGr)r,r6r4)rHrVrgrQrSrSrTauthenticate_additional_data s z+_CipherContext.authenticate_additional_datatyping.Optional[bytes]cCs|jS)N)r)rHrSrSrTr;sz_CipherContext.tagN)r r r rrr)rVrWrrW)rVrWrZrWrr)rrW)r;rWrrW)rVrWrr)rr)__name__ __module__ __qualname__rurmrarUr\rYrzr}r~propertyr;rSrSrSrTr s  y  # @  r ) __future__rtypingcryptography.exceptionsrrrcryptography.hazmat.primitivesr&cryptography.hazmat.primitives.ciphersrr TYPE_CHECKING,cryptography.hazmat.backends.openssl.backendr r rSrSrSrTs