U q`@sHddlZddlZddlmZddlmZGdddejdZGdddejdZGd d d ejdZ Gd d d ejdZ Gd ddejdZ ddZ ddZ eedddZddZGdddeeZGdddee ZGdddeZGdddeeZGd d!d!eeZGd"d#d#eeZGd$d%d%ee ZGd&d'd'eee ZdS)(N)utils)CipherAlgorithmc@s6eZdZejedddZejeddddZ dS)ModereturncCsdS)z@ A string naming this mode (e.g. "ECB", "CBC"). NselfrrS/tmp/pip-target-nv4zd3e_/lib/python/cryptography/hazmat/primitives/ciphers/modes.pynamesz Mode.nameN) algorithmrcCsdS)zq Checks that all the necessary invariants of this (mode, algorithm) combination are met. Nrr r rrr validate_for_algorithmszMode.validate_for_algorithm) __name__ __module__ __qualname__abcabstractpropertystrr abstractmethodrrrrrr r sr) metaclassc@s eZdZejedddZdS)ModeWithInitializationVectorrcCsdS)zP The value of the initialization vector for this mode as bytes. Nrrrrr initialization_vectorsz2ModeWithInitializationVector.initialization_vectorN)rrrrrbytesrrrrr rsrc@s eZdZejedddZdS) ModeWithTweakrcCsdS)z@ The value of the tweak for this mode as bytes. Nrrrrr tweak%szModeWithTweak.tweakN)rrrrrrrrrrr r$src@s eZdZejedddZdS) ModeWithNoncercCsdS)z@ The value of the nonce for this mode as bytes. Nrrrrr nonce-szModeWithNonce.nonceN)rrrrrrrrrrr r,src@s eZdZejedddZdS)ModeWithAuthenticationTagrcCsdS)zP The value of the tag supplied to the constructor of this mode. Nrrrrr tag5szModeWithAuthenticationTag.tagN)rrrrrrrrrrr r4srcCs |jdkr|jdkrtddS)NZAESz=Only 128, 192, and 256 bit keys are allowed for this AES mode)key_sizer ValueErrorr rrr _check_aes_key_length<sr#cCs0t|jd|jkr,tdt|j|jdS)NzInvalid IV size ({}) for {}.)lenr block_sizer"formatr r rrr _check_iv_lengthCsr()rr cCs*t|d|jkr&tdt||dS)Nr$zInvalid nonce size ({}) for {}.)r%r&r"r')rr r rrr _check_nonce_lengthLsr)cCst||t||dSN)r#r(r rrr _check_iv_and_key_lengthSs r+c@s,eZdZdZedddZedZe Z dS)CBCrcCstd|||_dSNrr_check_byteslike_initialization_vectorr rrrr __init__[s z CBC.__init__r1N rrrr rr3rread_only_propertyrr+rrrrr r,Xs r,c@s6eZdZdZedddZedZe dddZ dS) XTS)rcCs*td|t|dkr td||_dS)Nrz!tweak must be 128-bits (16 bytes))rr0r%r"_tweak)r rrrr r3fs  z XTS.__init__r8r cCs|jdkrtddS)N)r iz\The XTS specification requires a 256-bit key for AES-128-XTS and 512-bit key for AES-256-XTS)r!r"r rrr rps zXTS.validate_for_algorithmN) rrrr rr3rr5rrrrrrr r6cs r6c@seZdZdZeZdS)ECBN)rrrr r#rrrrr r:xsr:c@s,eZdZdZedddZedZe Z dS)OFBr-cCstd|||_dSr.r/r2rrr r3s z OFB.__init__r1Nr4rrrr r;~s r;c@s,eZdZdZedddZedZe Z dS)CFBr-cCstd|||_dSr.r/r2rrr r3s z CFB.__init__r1Nr4rrrr r<s r<c@s,eZdZdZedddZedZe Z dS)CFB8r-cCstd|||_dSr.r/r2rrr r3s z CFB8.__init__r1Nr4rrrr r=s r=c@s6eZdZdZedddZedZe dddZ dS) CTR)rcCstd|||_dS)Nr)rr0_nonce)r rrrr r3s z CTR.__init__r?r9cCst||t|j|j|dSr*)r#r)rr r rrr rs zCTR.validate_for_algorithmN) rrrr rr3rr5rrrrrrr r>s r>c@sTeZdZdZdZdZd eejee dddZ e dZ e d Zed d d ZdS)GCMl?lNr7)rrmin_tag_lengthcCstd|t|dks$t|dkr,td||_|dk rptd||dkrVtdt||krptd|||_||_dS) Nrr$zIinitialization_vector must be between 8 and 128 bytes (64 and 1024 bits).rzmin_tag_length must be >= 4z.Authentication tag must be {} bytes or longer.) rr0r%r"r1 _check_bytesr'_tagZ_min_tag_length)r rrrArrr r3s$   z GCM.__init__rEr1r9cCst||dSr*)r#r rrr rszGCM.validate_for_algorithm)Nr7)rrrr Z_MAX_ENCRYPTED_BYTESZ_MAX_AAD_BYTESrtypingOptionalintr3rr5rrrrrrrr r@s   r@)rrFZ cryptographyrZ/cryptography.hazmat.primitives._cipheralgorithmrABCMetarrrrrr#r(rrr)r+r,r6r:r;r<r=r>r@rrrr s(