3TfddlmZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z m Z ddlmZmZmZddlmZGdd eZd ZGd d ZGd dZy)) annotationsN)utils)InvalidSignature)hashespadding)Cipher algorithmsmodes)HMACc eZdZy) InvalidTokenN)__name__ __module__ __qualname__5/usr/lib/python3/dist-packages/cryptography/fernet.pyr r srr <ceZdZ d ddZeddZddZddZ ddZ d ddZ ddZ dd Z e dd Z dd Z dd Zy)FernetNc tj|}t |dk7r t d|dd|_|dd|_y#tj$r}t d|d}~wwxYw)Nz4Fernet key must be 32 url-safe base64-encoded bytes. )base64urlsafe_b64decodebinasciiError ValueErrorlen _signing_key_encryption_key)selfkeybackendexcs r__init__zFernet.__init__s{  **3/C s8r>F  H"23x~~ F  sAA) A$$A)cRtjtjdS)Nr)rurlsafe_b64encodeosurandom)clss r generate_keyzFernet.generate_key/s'' 277rc\|j|ttjSNencrypt_at_timeinttime)r"datas rencryptzFernet.encrypt3s ##D#diik*:;;rcRtjd}|j|||S)Nr)r)r*_encrypt_from_parts)r"r3 current_timeivs rr0zFernet.encrypt_at_time6s$ ZZ^''lB??rctjd|tjtj j j}|j||jz}tt j |jtj|j}|j||jz}d|jddz|z|z}t!|j"t%j&} | j|| j} t)j*|| zS)Nr3big)length byteorder)r _check_bytesrPKCS7r AES block_sizepadderupdatefinalizerr!r CBC encryptorto_bytesr r rSHA256rr() r"r3r7r8rC padded_datarG ciphertext basic_partshhmacs rr6zFernet._encrypt_from_parts:s 64(z~~889@@BmmD)FOO,==  NN4// 0 IIbM  )+ %%k2Y5G5G5II  ##1#> ?    ""FMMO 4 zz|'' d(:;;rctj|\}}|d}n|ttjf}|j |||Sr.)r_get_unverified_token_datar1r2 _decrypt_data)r"tokenttl timestampr3 time_infos rdecryptzFernet.decryptSsL!;;EB 4 ;Ic$))+./I!!$ 9==rcv| tdtj|\}}|j||||fS)Nz6decrypt_at_time() can only be used with a non-None ttl)rrrPrQ)r"rRrSr7rTr3s rdecrypt_at_timezFernet.decrypt_at_time]sI ;H !;;EB 4!!$ C3FGGrcXtj|\}}|j||Sr.)rrP_verify_signature)r"rRrTr3s rextract_timestampzFernet.extract_timestampgs* ;;EB 4 t$rc:t|ttfs td t j |}|r|ddk7rtt|dkrttj|ddd}||fS#tt jf$rtwxYw)Nztoken must be bytes or strr r<)r>) isinstancestrbytes TypeErrorrrrrr rr1 from_bytes)rRr3rTs rrPz!Fernet._get_unverified_token_datams%#u.89 9 ++E2DtAw$  t9q= NN4!9N> $8>>*   s A:: Bct|jtj}|j |dd |j |ddy#t $rtwxYw)N)r r rrIrDverifyrr )r"r3rMs rrZzFernet._verify_signaturesX ""FMMO 4 ds  HHT#$Z    s AA#ct|%|\}}||z|krt|tz|krt|j||dd}|dd}tt j |j tj|j}|j|} | |jz } tjtj jj!} | j| } | | jz } | S#t$rtwxYw#t$rtwxYw)Nr^rf)r _MAX_CLOCK_SKEWrZrr rAr!r rF decryptorrDrErrr@rBunpadder) r"r3rTrUrSr7r8rKrkplaintext_paddedrlunpaddeds rrQzFernet._decrypt_datas7  ) C3-""o- 9"" t$ !BZ"S\  NN4// 0%))B- )+ %++J7   2 2 4 4 ==!:!:;DDF??#34  ))+ +H      sD?D'D$'D7r.)r#typing.Union[bytes, str]r$z typing.AnyreturnNone)rprb)r3rbrprb)r3rbr7r1rprb)r3rbr7r1r8rbrprb)rRrorStyping.Optional[int]rprb)rRrorSr1r7r1rprb)rRrorpr1)rRrorpztyping.Tuple[int, bytes])r3rbrprq)r3rbrTr1rUz'typing.Optional[typing.Tuple[int, int]]rprb)rrrr& classmethodr,r4r0r6rVrXr[ staticmethodrPrZrQrrrrrs#( %((  (&88<@<<),<27< <4LP>->4H> >H-H47HGJH H ' !(!!!; !  !rrcZeZdZddZd dZd dZd dZ d d dZ ddZy) MultiFernetcBt|}|s td||_y)Nz1MultiFernet requires at least one Fernet instance)listr_fernets)r"fernetss rr&zMultiFernet.__init__s'w-C   rc\|j|ttjSr.r/)r"msgs rr4zMultiFernet.encrypts ##CTYY[)9::rc@|jdj||S)Nr)ryr0)r"r|r7s rr0zMultiFernet.encrypt_at_times}}Q//\BBrctj|\}}|jD]} |j||d}ntt j d}|jdj|||S#t$rY`wxYw)Nrr)rrPryrQr r)r*r6)r"r|rTr3fpr8s rrotatezMultiFernet.rotates ;;C@ 4 A OOD)T:   ZZ^}}Q33Ay"EE    sA:: BBNcv|jD]} |j||cSt#t$rY*wxYwr.)ryrVr )r"r|rSrs rrVzMultiFernet.decryptsI A yyc**     s , 88cx|jD]} |j|||cSt#t$rY+wxYwr.)ryrXr )r"r|rSr7rs rrXzMultiFernet.decrypt_at_timesM A ((c<@@     s - 99)rzztyping.Iterable[Fernet])r|rbrprb)r|rbr7r1rprb)r|rorprbr.)r|rorSrrrprb)r|rorSr1r7r1rprb) rrrr&r4r0rrVrXrrrrvrvsa ;C FJN+2F +25EH rrv) __future__rrrr)r2typing cryptographyrcryptography.exceptionsrcryptography.hazmat.primitivesrr&cryptography.hazmat.primitives.ciphersrr r #cryptography.hazmat.primitives.hmacr Exceptionr rjrrvrrrrsU #  4:LL4 9 PPf//r