bXc@`sddlmZmZmZddlmZddlmZmZm Z ddl m Z ddl m Z eje jeje jeje jdefdYZeje jdefd YZd S( i(tabsolute_importtdivisiontprint_function(tutils(t InvalidTagtUnsupportedAlgorithmt_Reasons(tciphers(tmodest_CipherContextcB`sGeZdZdZdZdZdZdZej dZ RS(iic C`sf||_||_||_||_d|_t|jtjrX|jj d|_ n d|_ |jj j }|jj j||jj j}|jj}y |t|t|f}WnAtk rtdj|j|r|jn|tjnX||j||}||jj jkratdj|j|rL|jn|tjnt|tjr|j} n-t|tjr|j} n|jj j} |jj j|||jj j|jj j|jj j|} |jj| dk|jj j |t!|j"} |jj| dkt|tj#r|jj j$||jj j%t!| |jj j} |jj| dk||j&kr|jj j$||jj j't!|j(|j(} |jj| dkqn|jj j||jj j|jj j|j"| |} |jj| dk|jj j)|d||_*dS(Niis8cipher {0} in {1} mode is not supported by this backend.i(+t_backendt_ciphert_modet _operationtNonet_tagt isinstanceRtBlockCipherAlgorithmt block_sizet_block_size_bytest_libtEVP_CIPHER_CTX_newt_ffitgctEVP_CIPHER_CTX_freet_cipher_registryttypetKeyErrorRtformattnameRtUNSUPPORTED_CIPHERtNULLRtModeWithInitializationVectortinitialization_vectort ModeWithNoncetnoncetEVP_CipherInit_extopenssl_asserttEVP_CIPHER_CTX_set_key_lengthtlentkeytGCMtEVP_CIPHER_CTX_ctrltEVP_CTRL_GCM_SET_IVLENt_DECRYPTtEVP_CTRL_GCM_SET_TAGttagtEVP_CIPHER_CTX_set_paddingt_ctx( tselftbackendtciphertmodet operationtctxtregistrytadaptert evp_ciphertiv_noncetres((sR/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.pyt__init__sv                       cC`s|jjjdt||jd}|jjjd}|jjj|j|||t|}|jj|dk|jjj ||d S(Nsunsigned char[]isint *i( R RtnewR'RRtEVP_CipherUpdateR0R%tbuffer(R1tdatatbuftoutlenR;((sR/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.pytupdategscC`s&t|jtjr%|jdn|jjjd|j}|jjjd}|jj j |j ||}|dkr<|jj }| rt|jtjrt n|jj|dd|jj j|jj j|jj jfkp)|dd|jj j|jj j|jj jfktdnt|jtjr|j|jkr|jjjd|j}|jj j|j |jj j|j|}|jj|dk|jjj||_n|jj j|j }|jj|dk|jjj||d S(Ntsunsigned char[]sint *iisFThe length of the provided data is not a multiple of the block length.(RR RR)RCR RR=RRtEVP_CipherFinal_exR0t_consume_errorsRR%t ERR_LIB_EVPtEVP_F_EVP_ENCRYPTFINAL_EXt'EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTHtEVP_F_EVP_DECRYPTFINAL_EXt ValueErrorR t_ENCRYPTR*tEVP_CTRL_GCM_GET_TAGR?RtEVP_CIPHER_CTX_cleanup(R1RARBR;terrorsttag_buf((sR/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.pytfinalizeps@            cC`sb|jjjd}|jjj|j|jjj||t|}|jj|dkdS(Nsint *i( R RR=RR>R0RR'R%(R1R@RBR;((sR/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.pytauthenticate_additional_datas 'R( t__name__t __module__RLR,R<RCRQRRRtread_only_propertyR.(((sR/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.pyR s S 2 t_AESCTRCipherContextcB`s)eZdZdZdZdZRS(s This is needed to provide support for AES CTR mode in OpenSSL 1.0.0. It can be removed when we drop 1.0.0 support (RHEL 6.4 is the only thing that ships it). cC`s||_|jjjd|_|jjj|jt|jd|j}|jj|dk|jjjdd|_ |jjjd|j |_ |jjjdd|_ dS(Ns AES_KEY *iisunsigned char[]isunsigned char[16]sunsigned int *( R RR=t_keyRtAES_set_encrypt_keyR(R'R%t_ecountR#t_noncet_num(R1R2R3R4R;((sR/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.pyR<s  "cC`si|jjjdt|}|jjj||t||j|j|j|j |jjj |S(Nsunsigned char[]( R RR=R'RtAES_ctr128_encryptRWRZRYR[R?(R1R@RA((sR/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.pyRCs  cC`s(d|_d|_d|_d|_dS(NRD(RRWRYRZR[(R1((sR/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.pyRQs     (RSRTt__doc__R<RCRQ(((sR/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.pyRVs N(t __future__RRRt cryptographyRtcryptography.exceptionsRRRtcryptography.hazmat.primitivesRt&cryptography.hazmat.primitives.ciphersRtregister_interfacet CipherContexttAEADCipherContexttAEADEncryptionContexttobjectR RV(((sR/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.pyts