ó Û_e[c@`s‡ddlmZmZmZddlZddlmZddlmZddl m Z m Z m Z dej e efd„ƒYZdS(i(tabsolute_importtdivisiontprint_functionN(tencoding(t exceptions(tEncryptedMessaget StringFixertrandomt SecretBoxcB`sbeZdZejjZejjZe j d„Z d„Z de j d„Zde j d„ZRS(sB The SecretBox class encrypts and decrypts messages using the given secret key. The ciphertexts generated by :class:`~nacl.secret.Secretbox` include a 16 byte authenticator which is checked as part of the decryption. An invalid authenticator will cause the decrypt function to raise an exception. The authenticator is not a signature. Once you've decrypted the message you've demonstrated the ability to create arbitrary valid message, so messages you send are repudiable. For non-repudiable messages, sign them after encryption. :param key: The secret key used to encrypt and decrypt messages :param encoder: The encoder class used to decode the given key :cvar KEY_SIZE: The size that the key is required to be. :cvar NONCE_SIZE: The size that the nonce is required to be. cC`sk|j|ƒ}t|tƒs0tjdƒ‚nt|ƒ|jkr^tjd|jƒ‚n||_dS(Ns'SecretBox must be created from 32 bytess%The key must be exactly %s bytes long( tdecodet isinstancetbytestexct TypeErrortlentKEY_SIZEt ValueErrort_key(tselftkeytencoder((s-/tmp/pip-install-KP2Jbq/pynacl/nacl/secret.pyt__init__.scC`s|jS(N(R(R((s-/tmp/pip-install-KP2Jbq/pynacl/nacl/secret.pyt __bytes__;scC`s¥|dkrt|jƒ}nt|ƒ|jkrLtjd|jƒ‚ntjj|||j ƒ}|j |ƒ}|j |ƒ}t j |||j ||ƒƒS(sL Encrypts the plaintext message using the given `nonce` (or generates one randomly if omitted) and returns the ciphertext encoded with the encoder. .. warning:: It is **VITALLY** important that the nonce is a nonce, i.e. it is a number used only once for any given key. If you fail to do this, you compromise the privacy of the messages encrypted. Give your nonces a different prefix, or have one side use an odd counter and one an even counter. Just make sure they are different. :param plaintext: [:class:`bytes`] The plaintext message to encrypt :param nonce: [:class:`bytes`] The nonce to use in the encryption :param encoder: The encoder to use to encode the ciphertext :rtype: [:class:`nacl.utils.EncryptedMessage`] s'The nonce must be exactly %s bytes longN( tNoneRt NONCE_SIZERR Rtnacltbindingstcrypto_secretboxRtencodeRt _from_parts(Rt plaintexttnonceRt ciphertextt encoded_noncetencoded_ciphertext((s-/tmp/pip-install-KP2Jbq/pynacl/nacl/secret.pytencrypt>s  cC`s…|j|ƒ}|dkr8||j }||j}nt|ƒ|jkrftjd|jƒ‚ntjj|||j ƒ}|S(sá Decrypts the ciphertext using the `nonce` (explicitly, when passed as a parameter or implicitly, when omitted, as part of the ciphertext) and returns the plaintext message. :param ciphertext: [:class:`bytes`] The encrypted message to decrypt :param nonce: [:class:`bytes`] The nonce used when encrypting the ciphertext :param encoder: The encoder used to decode the ciphertext. :rtype: [:class:`bytes`] s'The nonce must be exactly %s bytes longN( R RRRR RRRtcrypto_secretbox_openR(RR RRR((s-/tmp/pip-install-KP2Jbq/pynacl/nacl/secret.pytdecryptcs    N(t__name__t __module__t__doc__RRtcrypto_secretbox_KEYBYTESRtcrypto_secretbox_NONCEBYTESRRt RawEncoderRRRR#R%(((s-/tmp/pip-install-KP2Jbq/pynacl/nacl/secret.pyRs   %(t __future__RRRt nacl.bindingsRRRR t nacl.utilsRRRt EncodabletobjectR(((s-/tmp/pip-install-KP2Jbq/pynacl/nacl/secret.pyts