B #a@sddlZddlZddlZddlZddlZddlZddlmZddlm Z ddl m Z ddl m Z mZddlmZmZmZddlmZGdd d eZd ZGd d d eZGd ddeZdS)N)utils)InvalidSignature) _get_backend)hashespadding)Cipher algorithmsmodes)HMACc@s eZdZdS) InvalidTokenN)__name__ __module__ __qualname__rrQ)r)r _check_bytesrPKCS7rAES block_sizepadderupdatefinalizerrr CBCr encryptorstructpackr rrSHA256rr!) rr&r+r-r3Z padded_datar7 ciphertextZ basic_partshhmacrrrr,5s  zFernet._encrypt_from_parts)tokenttlr cCs:t|\}}|dkrd}n|ttf}||||S)N)r_get_unverified_token_datar(r) _decrypt_data)rr>r? timestampr& time_inforrrdecryptJs zFernet.decrypt)r>r?r+r cCs0|dkrtdt|\}}|||||fS)Nz6decrypt_at_time() can only be used with a non-None ttl)rrr@rA)rr>r?r+rBr&rrrdecrypt_at_timeRs zFernet.decrypt_at_time)r>r cCst|\}}|||S)N)rr@_verify_signature)rr>rBr&rrrextract_timestamp\s zFernet.extract_timestampc Cstd|yt|}Wnttjfk r8tYnX|rJ|ddkrNtyt d|dd\}Wntj k rtYnX||fS)Nr>rz>Q ) rr/rr TypeErrorbinasciiErrorr r8unpackerror)r>r&rBrrrr@bs   z!Fernet._get_unverified_token_datacCs\t|jt|jd}||ddy||ddWntk rVtYnXdS)N)ri) r rrr:rr4verifyrr )rr&r<rrrrFss zFernet._verify_signature)r&rBrCr c Cs|dk r0|\}}|||kr t|t|kr0t|||dd}|dd}tt|jt||j  }| |} y| | 7} Wnt k rtYnXttjj} | | } y| | 7} Wnt k rtYnX| S)NrJi)r _MAX_CLOCK_SKEWrFrrr1rr r6r decryptorr4r5rrr0r2unpadder) rr&rBrCr?r+r-r;rSZplaintext_paddedrTZunpaddedrrrrA{s.         zFernet._decrypt_data)N)N)r r rbytesr classmethodr%r*r(r'r,typingOptionalrDrErG staticmethodTupler@rFrArrrrrs$   rc@seZdZejedddZeedddZee eddd Z eedd d Z deej e ed ddZ ee e edddZd S) MultiFernet)fernetscCst|}|std||_dS)Nz1MultiFernet requires at least one Fernet instance)listr_fernets)rr\rrrrs zMultiFernet.__init__)msgr cCs||ttS)N)r'r(r))rr_rrrr*szMultiFernet.encrypt)r_r+r cCs|jd||S)Nr)r^r')rr_r+rrrr'szMultiFernet.encrypt_at_timec Csjt|\}}x<|jD].}y|||d}PWqtk rBYqXqWttd}|jd|||S)Nrr)rr@r^rAr r"r#r,)rr_rBr&fpr-rrrrotates   zMultiFernet.rotateN)r_r?r c Cs:x0|jD]&}y |||Stk r,YqXqWtdS)N)r^rDr )rr_r?r`rrrrDs    zMultiFernet.decrypt)r_r?r+r c Cs<x2|jD](}y||||Stk r.YqXqWtdS)N)r^rEr )rr_r?r+r`rrrrEs   zMultiFernet.decrypt_at_time)N)r r rrWIterablerrrUr*r(r'rbrXrDrErrrrr[s r[)rrLr"r8r)rWZ cryptographyrZcryptography.exceptionsrZcryptography.hazmat.backendsrZcryptography.hazmat.primitivesrrZ&cryptography.hazmat.primitives.ciphersrrr Z#cryptography.hazmat.primitives.hmacr Exceptionr rRobjectrr[rrrrs