U +Mb5%@sdZddlZddlmZddlmZmZmZmZm Z ddl m Z ddl m Z dZedeZz"dZe rzed ed d ZWnek rYnXd d ZddZddZdZdZdZdZdZdZdZdZdZdZ dZ!dZ"dZ#dS)a Module's constants for the modes of operation supported with AES: :var MODE_ECB: :ref:`Electronic Code Book (ECB) ` :var MODE_CBC: :ref:`Cipher-Block Chaining (CBC) ` :var MODE_CFB: :ref:`Cipher FeedBack (CFB) ` :var MODE_OFB: :ref:`Output FeedBack (OFB) ` :var MODE_CTR: :ref:`CounTer Mode (CTR) ` :var MODE_OPENPGP: :ref:`OpenPGP Mode ` :var MODE_CCM: :ref:`Counter with CBC-MAC (CCM) Mode ` :var MODE_EAX: :ref:`EAX Mode ` :var MODE_GCM: :ref:`Galois Counter Mode (GCM) ` :var MODE_SIV: :ref:`Syntethic Initialization Vector (SIV) ` :var MODE_OCB: :ref:`Offset Code Book (OCB) ` N)_create_cipher)load_pycryptodome_raw_lib VoidPointer SmartPointerc_size_t c_uint8_ptr) _cpu_features)get_random_bytesa int AES_start_operation(const uint8_t key[], size_t key_len, void **pResult); int AES_encrypt(const void *state, const uint8_t *in, uint8_t *out, size_t data_len); int AES_decrypt(const void *state, const uint8_t *in, uint8_t *out, size_t data_len); int AES_stop_operation(void *state); zCrypto.Cipher._raw_aeszCrypto.Cipher._raw_aesniAESZAESNIcCs|dd}z|d}Wntk r6tdYnXt|tkrTtdt||rjtrjtj}tj}n t j }t j }t }|t |tt||}|rtd|t||S)z}This method instantiates and returns a handle to a low-level base cipher. It will absorb named parameters in the process. use_aesniTkeyzMissing 'key' parameterz#Incorrect AES key length (%d bytes)z+Error %X while instantiating the AES cipher)popKeyError TypeErrorlenkey_size ValueError_raw_aesni_libZAESNI_start_operationZAESNI_stop_operation _raw_aes_libZAES_start_operationZAES_stop_operationrrrZ address_ofrget)Zdict_parametersr r Zstart_operationZstop_operationcipherresultr8/tmp/pip-target-t616c12r/lib/python/Crypto/Cipher/AES.py_create_base_cipherQs,   rcCsdt|dkrtd|dkr&td}nt|dkr:tdt|ddt|}|dd||fS)zrDerive a tuple (r, s, nonce) for a Poly1305 MAC. If nonce is ``None``, a new 16-byte nonce is generated. z(Poly1305 with AES requires a 32-byte keyNz*Poly1305 with AES requires a 16-byte nonce)rrr newMODE_ECBencrypt)r noncesrrr_derive_Poly1305_key_pairps   r"cOs"d|d<ttjt||f||S)aCreate a new AES cipher. :param key: The secret key to use in the symmetric cipher. It must be 16, 24 or 32 bytes long (respectively for *AES-128*, *AES-192* or *AES-256*). For ``MODE_SIV`` only, it doubles to 32, 48, or 64 bytes. :type key: bytes/bytearray/memoryview :param mode: The chaining mode to use for encryption or decryption. If in doubt, use ``MODE_EAX``. :type mode: One of the supported ``MODE_*`` constants :Keyword Arguments: * **iv** (*bytes*, *bytearray*, *memoryview*) -- (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``, and ``MODE_OPENPGP`` modes). The initialization vector to use for encryption or decryption. For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 16 bytes long. For ``MODE_OPENPGP`` mode only, it must be 16 bytes long for encryption and 18 bytes for decryption (in the latter case, it is actually the *encrypted* IV which was prefixed to the ciphertext). If not provided, a random byte string is generated (you must then read its value with the :attr:`iv` attribute). * **nonce** (*bytes*, *bytearray*, *memoryview*) -- (Only applicable for ``MODE_CCM``, ``MODE_EAX``, ``MODE_GCM``, ``MODE_SIV``, ``MODE_OCB``, and ``MODE_CTR``). A value that must never be reused for any other encryption done with this key (except possibly for ``MODE_SIV``, see below). For ``MODE_EAX``, ``MODE_GCM`` and ``MODE_SIV`` there are no restrictions on its length (recommended: **16** bytes). For ``MODE_CCM``, its length must be in the range **[7..13]**. Bear in mind that with CCM there is a trade-off between nonce length and maximum message size. Recommendation: **11** bytes. For ``MODE_OCB``, its length must be in the range **[1..15]** (recommended: **15**). For ``MODE_CTR``, its length must be in the range **[0..15]** (recommended: **8**). For ``MODE_SIV``, the nonce is optional, if it is not specified, then no nonce is being used, which renders the encryption deterministic. If not provided, for modes other than ``MODE_SIV```, a random byte string of the recommended length is used (you must then read its value with the :attr:`nonce` attribute). * **segment_size** (*integer*) -- (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext are segmented in. It must be a multiple of 8. If not specified, it will be assumed to be 8. * **mac_len** : (*integer*) -- (Only ``MODE_EAX``, ``MODE_GCM``, ``MODE_OCB``, ``MODE_CCM``) Length of the authentication tag, in bytes. It must be even and in the range **[4..16]**. The recommended value (and the default, if not specified) is **16**. * **msg_len** : (*integer*) -- (Only ``MODE_CCM``). Length of the message to (de)cipher. If not specified, ``encrypt`` must be called with the entire message. Similarly, ``decrypt`` can only be called once. * **assoc_len** : (*integer*) -- (Only ``MODE_CCM``). Length of the associated data. If not specified, all associated data is buffered internally, which may represent a problem for very large messages. * **initial_value** : (*integer* or *bytes/bytearray/memoryview*) -- (Only ``MODE_CTR``). The initial value for the counter. If not present, the cipher will start counting from 0. The value is incremented by one for each block. The counter number is encoded in big endian mode. * **counter** : (*object*) -- Instance of ``Crypto.Util.Counter``, which allows full customization of the counter block. This parameter is incompatible to both ``nonce`` and ``initial_value``. * **use_aesni** : (*boolean*) -- Use Intel AES-NI hardware extensions (default: use if available). :Return: an AES object, of the applicable mode. TZ add_aes_modes)rsysmodules__name__)r modeargskwargsrrrrser r)rr)$__doc__r#Z Crypto.CipherrZCrypto.Util._raw_apirrrrrZ Crypto.UtilrZ Crypto.Randomr Z_cprotorrZ have_aes_nireplaceOSErrorrr"rrZMODE_CBCZMODE_CFBZMODE_OFBZMODE_CTRZ MODE_OPENPGPZMODE_CCMZMODE_EAXZMODE_SIVZMODE_GCMZMODE_OCB block_sizerrrrrsF   i