U +Mb@sddlmZddlmZmZmZddlmZddlm Z ddl m Z m Z m Z mZmZmZmZe ddZGdd d eZd d Zd S) ) unhexlify)bordtobytes _copy_bytes)BLAKE2s)get_random_bytes)load_pycryptodome_raw_lib VoidPointer SmartPointercreate_string_bufferget_raw_bufferc_size_t c_uint8_ptrzCrypto.Hash._poly1305a int poly1305_init(void **state, const uint8_t *r, size_t r_len, const uint8_t *s, size_t s_len); int poly1305_destroy(void *state); int poly1305_update(void *state, const uint8_t *in, size_t len); int poly1305_digest(const void *state, uint8_t *digest, size_t len); c@sLeZdZdZdZddZddZddZd d Zd d Z d dZ ddZ dS) Poly1305_MACzAn Poly1305 MAC object. Do not instantiate directly. Use the :func:`new` function. :ivar digest_size: the size in bytes of the resulting MAC tag :vartype digest_size: integer c Cst|dkrtdt|dkr(tdd|_t}t|t|tt|t|tt|}|rrtd|t | tj |_ |r| |dS)Nrz Parameter r is not 16 bytes longz Parameter s is not 16 bytes longz%Error %d while instantiating Poly1305)len ValueError_mac_tagr _raw_poly1305Z poly1305_initZ address_ofrr r getZpoly1305_destroy_stateupdate)selfrsdatastateresultr;/tmp/pip-target-t616c12r/lib/python/Crypto/Hash/Poly1305.py__init__?s&      zPoly1305_MAC.__init__cCsB|jrtdt|jt|tt|}|r>t d||S)zAuthenticate the next chunk of message. Args: data (byte string/byte array/memoryview): The next chunk of data z8You can only call 'digest' or 'hexdigest' on this objectz$Error %d while hashing Poly1305 data) r TypeErrorrZpoly1305_updaterrrr rr)rrrrrrrVs   zPoly1305_MAC.updatecCs tdS)N)NotImplementedErrorrrrrcopygszPoly1305_MAC.copycCsP|jr |jStd}t|j|tt|}|r@td|t ||_|jS)zReturn the **binary** (non-printable) MAC tag of the message authenticated so far. :return: The MAC tag digest, computed over the data processed so far. Binary form. :rtype: byte string rz'Error %d while creating Poly1305 digest) rr rZpoly1305_digestrrr rrr )rZbfrrrrrdigestjs     zPoly1305_MAC.digestcCsdddt|DS)zReturn the **printable** MAC tag of the message authenticated so far. :return: The MAC tag, computed over the data processed so far. Hexadecimal encoded. :rtype: string cSsg|]}dt|qS)z%02x)r).0xrrr sz*Poly1305_MAC.hexdigest..)jointupler%r#rrr hexdigests  zPoly1305_MAC.hexdigestcCsHtd}tjd||d}tjd||d}||krDtddS)ahVerify that a given **binary** MAC (computed by another party) is valid. Args: mac_tag (byte string/byte string/memoryview): the expected MAC of the message. Raises: ValueError: if the MAC does not match. It means that the message has been tampered with or that the MAC key is incorrect. r)Z digest_bitskeyrzMAC check failedN)rrnewr%r)rZmac_tagsecretZmac1Zmac2rrrverifys zPoly1305_MAC.verifycCs|tt|dS)a~Verify that a given **printable** MAC (computed by another party) is valid. Args: hex_mac_tag (string): the expected MAC of the message, as a hexadecimal string. Raises: ValueError: if the MAC does not match. It means that the message has been tampered with or that the MAC key is incorrect. N)r1rr)rZ hex_mac_tagrrr hexverifys zPoly1305_MAC.hexverifyN) __name__ __module__ __qualname____doc__ digest_sizer rr$r%r,r1r2rrrrr5s rcKs|dd}t|dstd|dd}|dkr:td|dd}|dd}|rftd t||||\}}}t|||}tdd||_|S) aCreate a new Poly1305 MAC object. Args: key (bytes/bytearray/memoryview): The 32-byte key for the Poly1305 object. cipher (module from ``Crypto.Cipher``): The cipher algorithm to use for deriving the Poly1305 key pair *(r, s)*. It can only be ``Crypto.Cipher.AES`` or ``Crypto.Cipher.ChaCha20``. nonce (bytes/bytearray/memoryview): Optional. The non-repeatable value to use for the MAC of this message. It must be 16 bytes long for ``AES`` and 8 or 12 bytes for ``ChaCha20``. If not passed, a random nonce is created; you will find it in the ``nonce`` attribute of the new object. data (bytes/bytearray/memoryview): Optional. The very first chunk of the message to authenticate. It is equivalent to an early call to ``update()``. Returns: A :class:`Poly1305_MAC` object cipherN_derive_Poly1305_key_pairz*Parameter 'cipher' must be AES or ChaCha20r.zYou must pass a parameter 'key'noncerzUnknown parameters: ) pophasattrrr!strr9rrr:)kwargsr8Z cipher_keyr:rrrZnew_macrrrr/s      r/N)binasciirZCrypto.Util.py3compatrrrZ Crypto.HashrZ Crypto.RandomrZCrypto.Util._raw_apirr r r r r rrobjectrr/rrrrs   ${