o cj @sddlZddlZddlmZddlmZmZddlmZm Z ddl m Z Gdddej dZ Gd d d e ej dZGd d d e ej dZGd dde ej dZGddde ej dZde de ddfddZdededdfddZdedede ddfddZdede ddfddZGdddeZGd d!d!eZGd"d#d#e ZGd$d%d%eZGd&d'd'eZGd(d)d)eZGd*d+d+eZGd,d-d-eeZdS).N)utils)UnsupportedAlgorithm_Reasons)BlockCipherAlgorithmCipherAlgorithm) algorithmsc@s8eZdZejdefddZejdeddfddZ dS)ModereturncCdS)z@ A string naming this mode (e.g. "ECB", "CBC"). Nselfr r Pusr/lib/python3.10/site-packages/cryptography/hazmat/primitives/ciphers/modes.pynamez Mode.name algorithmNcCr )zq Checks that all the necessary invariants of this (mode, algorithm) combination are met. Nr r rr r rvalidate_for_algorithmrzMode.validate_for_algorithm) __name__ __module__ __qualname__abcabstractpropertystrrabstractmethodrrr r r rrs r) metaclassc@ eZdZejdefddZdS)ModeWithInitializationVectorr cCr )zP The value of the initialization vector for this mode as bytes. Nr r r r rinitialization_vector"rz2ModeWithInitializationVector.initialization_vectorN)rrrrrbytesrr r r rr!rc@r) ModeWithTweakr cCr )z@ The value of the tweak for this mode as bytes. Nr r r r rtweak*rzModeWithTweak.tweakN)rrrrrrr"r r r rr!)r r!c@r) ModeWithNoncer cCr )z@ The value of the nonce for this mode as bytes. Nr r r r rnonce2rzModeWithNonce.nonceN)rrrrrrr$r r r rr#1r r#c@s&eZdZejdejefddZdS)ModeWithAuthenticationTagr cCr )zP The value of the tag supplied to the constructor of this mode. Nr r r r rtag:rzModeWithAuthenticationTag.tagN) rrrrrtypingOptionalrr&r r r rr%9sr%r rr cCs$|jdkr|jdkrtddSdS)NZAESz=Only 128, 192, and 256 bit keys are allowed for this AES mode)key_sizer ValueErrorrr r r_check_aes_key_lengthAs r,cCs0t|jd|jkrtdt|j|jdS)NzInvalid IV size ({}) for {}.)lenr block_sizer+formatrrr r r_check_iv_lengthHs r1r$rcCsFt|tst|dtjt|d|jkr!tdt||dS)N" requires a block cipher algorithmr-zInvalid nonce size ({}) for {}.) isinstancerrrUNSUPPORTED_CIPHERr.r/r+r0)r$rrr r r_check_nonce_lengthSs r5cCs4t|tst|dtjt||t||dS)Nr2)r3rrrr4r,r1rr r r_check_iv_and_key_lengthas  r6c@4eZdZdZdefddZedefddZeZ dS)CBCrcCtd|||_dSNrr_check_byteslike_initialization_vectorr rr r r__init__p  z CBC.__init__r cC|jSNr=r r r rrtzCBC.initialization_vectorN rrrrrr?propertyrr6rr r r rr8m r8c@BeZdZdZdefddZedefddZdeddfd d Z dS) XTSr"cCs*td|t|dkrtd||_dS)Nr"z!tweak must be 128-bits (16 bytes))rr<r.r+_tweak)r r"r r rr?~s   z XTS.__init__r cCrArB)rKr r r rr"rDz XTS.tweakrNcCs0t|tjtjfr td|jdvrtddS)Nz\The AES128 and AES256 classes do not support XTS, please use the standard AES class instead.)r)iz\The XTS specification requires a 256-bit key for AES-128-XTS and 512-bit key for AES-256-XTS)r3rZAES128ZAES256 TypeErrorr*r+rr r rrs zXTS.validate_for_algorithm) rrrrrr?rFr"rrr r r rrI{s rIc@seZdZdZeZdS)ECBN)rrrrr,rr r r rrMsrMc@r7)OFBrcCr9r:r;r>r r rr?r@z OFB.__init__r cCrArBrCr r r rrrDzOFB.initialization_vectorNrEr r r rrNrGrNc@r7)CFBrcCr9r:r;r>r r rr?r@z CFB.__init__r cCrArBrCr r r rrrDzCFB.initialization_vectorNrEr r r rrOrGrOc@r7)CFB8rcCr9r:r;r>r r rr?r@z CFB8.__init__r cCrArBrCr r r rrrDzCFB8.initialization_vectorNrEr r r rrPrGrPc@rH) CTRr$cCr9)Nr$)rr<_nonce)r r$r r rr?r@z CTR.__init__r cCrArB)rRr r r rr$rDz CTR.noncerNcCst||t|j|j|dSrB)r,r5r$rrr r rrs zCTR.validate_for_algorithm) rrrrrr?rFr$rrr r r rrQs rQc@sveZdZdZdZdZ  ddedejede fdd Z e d ejefd d Z e d efd dZ ded dfddZdS)GCMl?lNrJrr&min_tag_lengthcCstd|t|dkst|dkrtd||_|dur8td||dkr+tdt||kr8td|||_||_dS) Nrr-zIinitialization_vector must be between 8 and 128 bytes (64 and 1024 bits).r&zmin_tag_length must be >= 4z.Authentication tag must be {} bytes or longer.) rr<r.r+r= _check_bytesr0_tagZ_min_tag_length)r rr&rTr r rr?s$    z GCM.__init__r cCrArB)rXr r r rr&rDzGCM.tagcCrArBrCr r r rrrDzGCM.initialization_vectorrcCsXt||t|tstdtj|jd}|jdur(t|j|kr*t d |dSdS)Nz%GCM requires a block cipher algorithmr-z0Authentication tag cannot be more than {} bytes.) r,r3rrrr4r/rXr.r+r0)r rZblock_size_bytesr r rrs   zGCM.validate_for_algorithm)NrJ)rrrrZ_MAX_ENCRYPTED_BYTESZ_MAX_AAD_BYTESrr'r(intr?rFr&rrrr r r rrSs$ rS) rr' cryptographyrZcryptography.exceptionsrrZ/cryptography.hazmat.primitives._cipheralgorithmrrZ&cryptography.hazmat.primitives.ciphersrABCMetarrr!r#r%r,r1rrr5r6r8rIrMrNrOrPrQrSr r r rsV