a b4@sxddlZddlZddlmZddlmZmZddlmZm Z Gdddej dZ Gdd d e ej dZ Gd d d e ej dZ Gd d d e ej dZGddde ej dZe e ddddZe eddddZeee ddddZe e ddddZGddde ZGddde ZGddde ZGd d!d!e ZGd"d#d#e ZGd$d%d%e ZGd&d'd'eZGd(d)d)e eZdS)*N)utils)UnsupportedAlgorithm_Reasons)BlockCipherAlgorithmCipherAlgorithmc@s6eZdZejedddZejeddddZ dS)ModereturncCsdS)z@ A string naming this mode (e.g. "ECB", "CBC"). Nselfr r S/tmp/pip-target-98j97qn4/lib/python/cryptography/hazmat/primitives/ciphers/modes.pynamesz Mode.nameN algorithmr cCsdS)zq Checks that all the necessary invariants of this (mode, algorithm) combination are met. Nr r rr r r validate_for_algorithmszMode.validate_for_algorithm) __name__ __module__ __qualname__abcabstractpropertystrrabstractmethodrrr r r r rsr) metaclassc@s eZdZejedddZdS)ModeWithInitializationVectorrcCsdS)zP The value of the initialization vector for this mode as bytes. Nr r r r r initialization_vector!sz2ModeWithInitializationVector.initialization_vectorN)rrrrrbytesrr r r r r src@s eZdZejedddZdS) ModeWithTweakrcCsdS)z@ The value of the tweak for this mode as bytes. Nr r r r r tweak)szModeWithTweak.tweakN)rrrrrrrr r r r r(src@s eZdZejedddZdS) ModeWithNoncercCsdS)z@ The value of the nonce for this mode as bytes. Nr r r r r nonce1szModeWithNonce.nonceN)rrrrrrr!r r r r r 0sr c@s&eZdZejejedddZdS)ModeWithAuthenticationTagrcCsdS)zP The value of the tag supplied to the constructor of this mode. Nr r r r r tag9szModeWithAuthenticationTag.tagN) rrrrrtypingOptionalrr#r r r r r"8sr")r rr cCs |jdkr|jdkrtddS)NZAESz=Only 128, 192, and 256 bit keys are allowed for this AES mode)key_sizer ValueErrorrr r r _check_aes_key_length@sr)cCs0t|jd|jkr,tdt|j|jdS)NzInvalid IV size ({}) for {}.)lenr block_sizer(formatrrr r r _check_iv_lengthGs  r.)r!rrr cCsFt|tst|dtjt|d|jkrBtdt||dS)N" requires a block cipher algorithmr*zInvalid nonce size ({}) for {}.) isinstancerrrUNSUPPORTED_CIPHERr+r,r(r-)r!rrr r r _check_nonce_lengthRs r2cCs4t|tst|dtjt||t||dS)Nr/)r0rrrr1r)r.rr r r _check_iv_and_key_length`s  r3c@s4eZdZdZedddZeedddZeZ dS)CBCrcCstd|||_dSNrr_check_byteslike_initialization_vectorr rr r r __init__os z CBC.__init__rcCs|jSNr9r r r r rsszCBC.initialization_vectorN rrrrrr;propertyrr3rr r r r r4ls r4c@s@eZdZdZedddZeedddZeddd d Z dS) XTS)rcCs*td|t|dkr td||_dS)Nrz!tweak must be 128-bits (16 bytes))rr8r+r(_tweak)r rr r r r;}s  z XTS.__init__rcCs|jSr<)rBr r r r rsz XTS.tweakNrcCs|jdvrtddS)N)r&iz\The XTS specification requires a 256-bit key for AES-128-XTS and 512-bit key for AES-256-XTS)r'r(rr r r rs zXTS.validate_for_algorithm) rrrrrr;r?rrrr r r r r@zs r@c@seZdZdZeZdS)ECBN)rrrrr)rr r r r rCsrCc@s4eZdZdZedddZeedddZeZ dS)OFBr5cCstd|||_dSr6r7r:r r r r;s z OFB.__init__rcCs|jSr<r=r r r r rszOFB.initialization_vectorNr>r r r r rDs rDc@s4eZdZdZedddZeedddZeZ dS)CFBr5cCstd|||_dSr6r7r:r r r r;s z CFB.__init__rcCs|jSr<r=r r r r rszCFB.initialization_vectorNr>r r r r rEs rEc@s4eZdZdZedddZeedddZeZ dS)CFB8r5cCstd|||_dSr6r7r:r r r r;s z CFB8.__init__rcCs|jSr<r=r r r r rszCFB8.initialization_vectorNr>r r r r rFs rFc@s@eZdZdZedddZeedddZeddd d Z dS) CTR)r!cCstd|||_dS)Nr!)rr8_nonce)r r!r r r r;s z CTR.__init__rcCs|jSr<)rHr r r r r!sz CTR.nonceNrcCst||t|j|j|dSr<)r)r2r!rrr r r rs zCTR.validate_for_algorithm) rrrrrr;r?r!rrr r r r rGs rGc@sleZdZdZdZdZdeejee dddZ e ejedd d Z e edd d Z edd ddZdS)GCMl?lNrA)rr#min_tag_lengthcCstd|t|dks$t|dkr,td||_|durptd||dkrVtdt||krptd|||_||_dS) Nrr*zIinitialization_vector must be between 8 and 128 bytes (64 and 1024 bits).r#zmin_tag_length must be >= 4z.Authentication tag must be {} bytes or longer.) rr8r+r(r9 _check_bytesr-_tagZ_min_tag_length)r rr#rJr r r r;s$   z GCM.__init__rcCs|jSr<)rNr r r r r#szGCM.tagcCs|jSr<r=r r r r rszGCM.initialization_vectorrcCsTt||t|ts tdtj|jd}|jdurPt|j|krPt d |dS)Nz%GCM requires a block cipher algorithmr*z0Authentication tag cannot be more than {} bytes.) r)r0rrrr1r,rNr+r(r-)r rZblock_size_bytesr r r rs   zGCM.validate_for_algorithm)NrA)rrrrZ_MAX_ENCRYPTED_BYTESZ_MAX_AAD_BYTESrr$r%intr;r?r#rrrr r r r rIs rI)rr$Z cryptographyrZcryptography.exceptionsrrZ/cryptography.hazmat.primitives._cipheralgorithmrrABCMetarrrr r"r)r.rrr2r3r4r@rCrDrErFrGrIr r r r s6