U ʹh3@sddlmZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z ddl mZmZddlmZmZmZddlmZGd d d eZd ZGd d d ZGdddZdS)) annotationsN)Iterable)utils)InvalidSignature)hashespadding)Cipher algorithmsmodes)HMACc@s eZdZdS) InvalidTokenN)__name__ __module__ __qualname__rr9./venv/lib/python3.8/site-packages/cryptography/fernet.pyr sr <c@seZdZd)ddddddZedd d d Zddd d dZddddddZdddddddZd*ddddddZ dddddddZ dddddZ e dd dd!d"Z ddd d#d$Zddd%dd&d'd(ZdS)+FernetN bytes | strz typing.AnyNone)keybackendreturnc Csrzt|}Wn.tjk r<}ztd|W5d}~XYnXt|dkrRtd|dd|_|dd|_dS)Nz4Fernet key must be 32 url-safe base64-encoded bytes. )base64urlsafe_b64decodebinasciiError ValueErrorlen _signing_key_encryption_key)selfrrexcrrr__init__s zFernet.__init__bytes)rcCsttdS)Nr)rurlsafe_b64encodeosurandom)clsrrr generate_key0szFernet.generate_key)datarcCs||ttSNencrypt_at_timeinttime)r#r,rrrencrypt4szFernet.encryptr0)r, current_timercCstd}||||S)Nr)r(r)_encrypt_from_parts)r#r,r3ivrrrr/7s zFernet.encrypt_at_time)r,r3r5rc Cstd|ttjj}||| }t t|j t |}||| }d|jddd||}t|jt} | || } t|| S)Nr,big)length byteorder)r _check_bytesrPKCS7r AES block_sizepadderupdatefinalizerr"r CBC encryptorto_bytesr r!rSHA256rr') r#r,r3r5r?Z padded_datarC ciphertextZ basic_partshZhmacrrrr4;s(    zFernet._encrypt_from_parts int | None)tokenttlrcCs:t|\}}|dkrd}n|ttf}||||Sr-)r_get_unverified_token_datar0r1 _decrypt_data)r#rIrJ timestampr, time_inforrrdecryptTs zFernet.decrypt)rIrJr3rcCs0|dkrtdt|\}}|||||fS)Nz6decrypt_at_time() can only be used with a non-None ttl)rrrKrL)r#rIrJr3rMr,rrrdecrypt_at_time\s zFernet.decrypt_at_time)rIrcCst|\}}|||Sr-)rrK_verify_signature)r#rIrMr,rrrextract_timestampfs zFernet.extract_timestampztuple[int, bytes]c Cst|ttfstdzt|}Wnttjfk rBtYnX|rT|ddkrXtt |dkrhtt j |dddd}||fS)Nztoken must be bytes or strr r8)r:) isinstancestrr& TypeErrorrrrrr r r0 from_bytes)rIr,rMrrrrKls  z!Fernet._get_unverified_token_datacCsVt|jt}||ddz||ddWntk rPtYnXdS)N)r r!rrEr@Zverifyrr )r#r,rGrrrrQs zFernet._verify_signatureztuple[int, int] | None)r,rMrNrc Cs|dk r0|\}}|||kr t|t|kr0t|||dd}|dd}tt|jt| }| |} z| | 7} Wnt k rtYnXt tjj} | | } z| | 7} Wnt k rtYnX| S)NrTrZ)r _MAX_CLOCK_SKEWrQrr r=r"r rB decryptorr@rArrr<r>unpadder) r#r,rMrNrJr3r5rFr]Zplaintext_paddedr^ZunpaddedrrrrLs2          zFernet._decrypt_data)N)N)r rrr% classmethodr+r2r/r4rOrPrR staticmethodrKrQrLrrrrrs rc@seZdZddddZdddddZdd dd d d Zd ddddZdd dddddZd d d ddddZd d dddZ dS) MultiFernetzIterable[Fernet])fernetscCst|}|std||_dS)Nz1MultiFernet requires at least one Fernet instance)listr_fernets)r#rbrrrr%s zMultiFernet.__init__r&)msgrcCs||ttSr-r.)r#rerrrr2szMultiFernet.encryptr0)rer3rcCs|jd||S)Nr)rdr/)r#rer3rrrr/szMultiFernet.encrypt_at_timerc Csjt|\}}|jD]2}z|||d}WqLWqtk rDYqXqttd}|jd|||S)Nrr)rrKrdrLr r(r)r4)r#rerMr,fpr5rrrrotates   zMultiFernet.rotateNrH)rerJrc Cs<|jD],}z|||WStk r0YqXqtdSr-)rdrOr )r#rerJrfrrrrOs  zMultiFernet.decrypt)rerJr3rc Cs>|jD].}z||||WStk r2YqXqtdSr-)rdrPr )r#rerJr3rfrrrrPs  zMultiFernet.decrypt_at_timec Cs:|jD]*}z||WStk r.YqXqtdSr-)rdrRr )r#rerfrrrrRs  zMultiFernet.extract_timestamp)N) r rrr%r2r/rhrOrPrRrrrrras ra)Z __future__rrrr(r1typingZcollections.abcrZ cryptographyrZcryptography.exceptionsrZcryptography.hazmat.primitivesrrZ&cryptography.hazmat.primitives.ciphersrr r Z#cryptography.hazmat.primitives.hmacr Exceptionr r\rrarrrrs