a b'@s|UddlmZddlmZddlmZmZddlm Z ddgZ e Z e ed<eZe ed<eZe ed <eZe ed <eZe ed <eZe ed <eZe ed <eZe ed<eeefdddZeeeefdddZeeeeedddZ eeeeedddZ!eeedddZ"eeeedddZ#eeeedd d!Z$eeed"d#d$Z%eeeed%d&d'Z&d(S)))Tuple) exceptions)ffilib)ensurecrypto_box_keypair crypto_boxcrypto_box_SECRETKEYBYTEScrypto_box_PUBLICKEYBYTEScrypto_box_SEEDBYTEScrypto_box_NONCEBYTEScrypto_box_ZEROBYTEScrypto_box_BOXZEROBYTEScrypto_box_BEFORENMBYTEScrypto_box_SEALBYTES)returncCs`tdt}tdt}t||}t|dkdtjdt |tddt |tddfS)zq Returns a randomly generated public and secret key. :rtype: (bytes(public_key), bytes(secret_key)) unsigned char[]rUnexpected library errorZraisingN) rnewr r rrrexc RuntimeErrorbuffer)pkskrcr?/tmp/pip-target-98j97qn4/lib/python/nacl/bindings/crypto_box.pyr"s   )seedrcCstt|tdtdt|tkr*tdt dt }t dt }t |||}t|dkdtjdt|t ddt|t ddfS)a Returns a (public, secret) keypair deterministically generated from an input ``seed``. .. warning:: The seed **must** be high-entropy; therefore, its generator **must** be a cryptographic quality random function like, for example, :func:`~nacl.utils.random`. .. warning:: The seed **must** be protected and remain secret. Anyone who knows the seed is really in possession of the corresponding PrivateKey. :param seed: bytes :rtype: (bytes(public_key), bytes(secret_key)) zseed must be bytesrz Invalid seedrrrN)r isinstancebytes TypeErrorlenr r ValueErrorrrr r rcrypto_box_seed_keypairrr)rrrrrrrr$4s    r$)messagenoncerrrcCst|tkrtdt|tkr,tdt|tkrBtddt|}tdt|}t ||t||||}t |dkdtj dt |t|td S) z Encrypts and returns a message ``message`` using the secret key ``sk``, public key ``pk``, and the nonce ``nonce``. :param message: bytes :param nonce: bytes :param pk: bytes :param sk: bytes :rtype: bytes Invalid nonce sizeInvalid public keyInvalid secret keyrrrrN)r"r rr#r r r rrrrrrrr)r%r&rrpadded ciphertextrrrrrVs       )r,r&rrrcCst|tkrtdt|tkr,tdt|tkrBtddt|}tdt|}t ||t||||}t |dkdtj dt |t|td S) a Decrypts and returns an encrypted message ``ciphertext``, using the secret key ``sk``, public key ``pk``, and the nonce ``nonce``. :param ciphertext: bytes :param nonce: bytes :param pk: bytes :param sk: bytes :rtype: bytes r'r(r)r*rr/An error occurred trying to decrypt the messagerN)r"r rr#r r rrrrcrypto_box_openr CryptoErrorrr )r,r&rrr+ plaintextresrrrr.ss       r.)rrrcCsnt|tkrtdt|tkr,tdtdt}t |||}t |dkdtj dt |tddS)a Computes and returns the shared key for the public key ``pk`` and the secret key ``sk``. This can be used to speed up operations where the same set of keys is going to be used multiple times. :param pk: bytes :param sk: bytes :rtype: bytes r(r)rrrrN) r"r rr#r rrrrcrypto_box_beforenmrrr)rrkrrrrr2s     r2)r%r&r3rcCst|tkrtdt|tkr,tddt|}tdt|}t ||t|||}t |dkdtj dt |t|t dS) z Encrypts and returns the message ``message`` using the shared key ``k`` and the nonce ``nonce``. :param message: bytes :param nonce: bytes :param k: bytes :rtype: bytes Invalid nonceInvalid shared keyr*rrrrN)r"r rr#rr rrrcrypto_box_afternmrrrr)r%r&r3r+r,rrrrr6s     r6)r,r&r3rcCst|tkrtdt|tkr,tddt|}tdt|}t ||t|||}t |dkdtj dt |t|t dS) z Decrypts and returns the encrypted message ``ciphertext``, using the shared key ``k`` and the nonce ``nonce``. :param ciphertext: bytes :param nonce: bytes :param k: bytes :rtype: bytes r4r5r*rrr-rN)r"r rr#rrrrrcrypto_box_open_afternmrr/rr )r,r&r3r+r0r1rrrr7s     r7)r%rrcCstt|tdtdtt|tdtdt|tkr>tdt|}t|}t d|}t ||||}t|dkdtj dt ||ddS) a Encrypts and returns a message ``message`` using an ephemeral secret key and the public key ``pk``. The ephemeral public key, which is embedded in the sealed box, is also used, in combination with ``pk``, to derive the nonce needed for the underlying box construct. :param message: bytes :param pk: bytes :rtype: bytes .. versionadded:: 1.2 zinput message must be bytesrpublic key must be bytesr(rrrN)rrr r!r"r rr#rrrrcrypto_box_sealrr)r%r_mlen_clenr,rrrrr9s     r9)r,rrrcCstt|tdtdtt|tdtdtt|tdtdt|tkrRtdt|tkrhtdt|}t|t kd t tjd|t }t dt d |}t|||||}t|d kd tjdt ||d d S) a Decrypts and returns an encrypted message ``ciphertext``, using the recipent's secret key ``sk`` and the sender's ephemeral public key embedded in the sealed box. The box contruct nonce is derived from the recipient's public key ``pk`` and the sender's public key. :param ciphertext: bytes :param pk: bytes :param sk: bytes :rtype: bytes .. versionadded:: 1.2 zinput ciphertext must be bytesrr8zsecret key must be bytesr(r)z)Input cyphertext must be at least {} longrrr-N)rrr r!r"r rr#r rformatrrmaxrcrypto_box_seal_openr/r)r,rrr;r:r0r1rrrr? s@      r?N)'typingrZnaclrrZ nacl._sodiumrrZnacl.exceptionsr__all__Zcrypto_box_secretkeybytesr int__annotations__Zcrypto_box_publickeybytesr Zcrypto_box_seedbytesr Zcrypto_box_noncebytesr Zcrypto_box_zerobytesr Zcrypto_box_boxzerobytesrZcrypto_box_beforenmbytesrZcrypto_box_sealbytesrr rr$rr.r2r6r7r9r?rrrrs2  " # &