U ;g[ @s ddlmZmZmZmZddlZddlmZddlm Z m Z m Z m Z m Z mZddlmZmZmZmZddlmZdd lmZmZd d d d ddddddddg Zdd Zdd Zdd Zdd ZddZddZddZ ddZ!ddZ"d dZ#d!dZ$d"dZ%d#dZ&d$d%Z'd&d'Z(d(d)Z)dS)*)unicode_literalsdivisionabsolute_importprint_functionN)pretty_message)newnullis_nullbuffer_from_bytesbytes_from_bufferderef) libcryptolibcrypto_legacy_supportLibcryptoConsthandle_openssl_error) rand_bytes) type_namebyte_clsaes_cbc_no_padding_decryptaes_cbc_no_padding_encryptaes_cbc_pkcs7_decryptaes_cbc_pkcs7_encryptdes_cbc_pkcs5_decryptdes_cbc_pkcs5_encryptrc2_cbc_pkcs5_decryptrc2_cbc_pkcs5_encrypt rc4_decrypt rc4_encrypttripledes_cbc_pkcs5_decrypttripledes_cbc_pkcs5_encryptcCsjt|}|std}nt|dkr4ttdt|t|ddkrVttdt||t||||dfS)a Encrypts plaintext using AES in CBC mode with a 128, 192 or 256 bit key and no padding. This means the ciphertext must be an exact multiple of 16 bytes long. :param key: The encryption key - a byte string either 16, 24 or 32 bytes long :param data: The plaintext - a byte string :param iv: The initialization vector - either a byte string 16-bytes long or None to generate an IV :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A tuple of two byte strings (iv, ciphertext) : iv must be 16 bytes long - is %s rzJ data must be a multiple of 16 bytes long - is %s F_calculate_aes_cipherrlen ValueErrorr_encryptkeydataivcipherr.?/tmp/pip-unpacked-wheel-x1gypflw/oscrypto/_openssl/symmetric.pyrs  cCs6t|}t|dkr&ttdt|t||||dS)aM Decrypts AES ciphertext in CBC mode using a 128, 192 or 256 bit key and no padding. :param key: The encryption key - a byte string either 16, 24 or 32 bytes long :param data: The ciphertext - a byte string :param iv: The initialization vector - a byte string 16-bytes long :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A byte string of the plaintext r"r#Fr%r&r'r_decryptr)r.r.r/rMs cCsHt|}|std}nt|dkr4ttdt||t||||dfS)a Encrypts plaintext using AES in CBC mode with a 128, 192 or 256 bit key and PKCS#7 padding. :param key: The encryption key - a byte string either 16, 24 or 32 bytes long :param data: The plaintext - a byte string :param iv: The initialization vector - either a byte string 16-bytes long or None to generate an IV :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A tuple of two byte strings (iv, ciphertext) r"r#Tr$r)r.r.r/rqs  cCs6t|}t|dkr&ttdt|t||||dS)a9 Decrypts AES ciphertext in CBC mode using a 128, 192 or 256 bit key :param key: The encryption key - a byte string either 16, 24 or 32 bytes long :param data: The ciphertext - a byte string :param iv: The initialization vector - a byte string 16-bytes long :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A byte string of the plaintext r"r#Tr0r)r.r.r/rs cCsVt|dkrttdt|t|dkr0d}n"t|dkrBd}nt|dkrRd}|S) a Determines if the key is a valid AES 128, 192 or 256 key :param key: A byte string of the key to use :raises: ValueError - when an invalid key is provided :return: A unicode string of the AES variation - "aes128", "aes192" or "aes256" )r" zo key must be either 16, 24 or 32 bytes (128, 192 or 256 bits) long - is %s r"aes128r2aes192r3aes256)r&r'r)r*r-r.r.r/r%s    r%cCsFts tdt|dks$t|dkr6ttdt|td||ddS)a Encrypts plaintext using RC4 with a 40-128 bit key :param key: The encryption key - a byte string 5-16 bytes long :param data: The plaintext - a byte string :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A byte string of the ciphertext -OpenSSL has been compiled without RC4 supportr"Q key must be 5 to 16 bytes (40 to 128 bits) long - is %s rc4N)rEnvironmentErrorr&r'rr(r*r+r.r.r/rscCsFts tdt|dks$t|dkr6ttdt|td||ddS)a Decrypts RC4 ciphertext using a 40-128 bit key :param key: The encryption key - a byte string 5-16 bytes long :param data: The ciphertext - a byte string :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A byte string of the plaintext r7r8r"r9r:Nrr;r&r'rr1r<r.r.r/rscCsvts tdt|dks$t|dkr6ttdt||sDtd}nt|dkrbttdt||td|||dfS) ah Encrypts plaintext using RC2 in CBC mode with a 40-128 bit key and PKCS#5 padding. :param key: The encryption key - a byte string 8 bytes long :param data: The plaintext - a byte string :param iv: The initialization vector - a byte string 8-bytes long or None to generate an IV :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A tuple of two byte strings (iv, ciphertext) -OpenSSL has been compiled without RC2 supportr8r"r99 iv must be 8 bytes long - is %s rc2Trr;r&r'rrr(r*r+r,r.r.r/rs  cCsdts tdt|dks$t|dkr6ttdt|t|dkrTttdt|td|||dS) a5 Decrypts RC2 ciphertext ib CBC mode using a 40-128 bit key and PKCS#5 padding. :param key: The encryption key - a byte string 8 bytes long :param data: The ciphertext - a byte string :param iv: The initialization vector - a byte string 8 bytes long :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A byte string of the plaintext r>r8r"r9r?r@rATr=rCr.r.r/rNs cCst|dkr*t|dkr*ttdt||s8td}nt|dkrVttdt|d}t|dkrz||dd}d}|t||||d fS) a Encrypts plaintext using 3DES in CBC mode using either the 2 or 3 key variant (16 or 24 byte long key) and PKCS#5 padding. :param key: The encryption key - a byte string 16 or 24 bytes long (2 or 3 key mode) :param data: The plaintext - a byte string :param iv: The initialization vector - a byte string 8-bytes long or None to generate an IV :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A tuple of two byte strings (iv, ciphertext) r"r2zT key must be 16 bytes (2 key) or 24 bytes (3 key) long - %s r?z6 iv must be 8 bytes long - %s tripledes_3keyrtripledes_2keyT)r&r'rrr(r)r.r.r/r!{s"   cCs|t|dkr*t|dkr*ttdt|t|dkrHttdt|d}t|dkrl||dd}d}t||||d S) au Decrypts 3DES ciphertext in CBC mode using either the 2 or 3 key variant (16 or 24 byte long key) and PKCS#5 padding. :param key: The encryption key - a byte string 16 or 24 bytes long (2 or 3 key mode) :param data: The ciphertext - a byte string :param iv: The initialization vector - a byte string 8-bytes long :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A byte string of the plaintext r"r2zW key must be 16 bytes (2 key) or 24 bytes (3 key) long - is %s r?r@rDrrET)r&r'rr1r)r.r.r/r s  cCsjts tdt|dkr*ttdt||s8td}nt|dkrVttdt||td|||dfS)a Encrypts plaintext using DES in CBC mode with a 56 bit key and PKCS#5 padding. :param key: The encryption key - a byte string 8 bytes long (includes error correction bits) :param data: The plaintext - a byte string :param iv: The initialization vector - a byte string 8-bytes long or None to generate an IV :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A tuple of two byte strings (iv, ciphertext) -OpenSSL has been compiled without DES supportr?T key must be 8 bytes (56 bits + 8 parity bits) long - is %s r@desTrBrCr.r.r/rs   cCsXts tdt|dkr*ttdt|t|dkrHttdt|td|||dS)aN Decrypts DES ciphertext in CBC mode using a 56 bit key and PKCS#5 padding. :param key: The encryption key - a byte string 8 bytes long (includes error correction bits) :param data: The ciphertext - a byte string :param iv: The initialization vector - a byte string 8-bytes long :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A byte string of the plaintext rFr?rGr@rHTr=rCr.r.r/rs  c Cst|tsttdt|t|ts8ttdt||dkr\t|ts\ttdt||dkr|s|tdddgk}|r|rt|dd krtd d }z^t }t |rt d t ||\}}|d krt}|td dgkrTt||ttt} t | t|t|} t | |d krNt|tjt|d t} t | t}t||t||} t | |d k rt|t|} t | t|} ttd} t|| | |t|} t | t| t| } t|| | } t | | t| t| 7} | WS|rt |Xd S)a Encrypts plaintext :param cipher: A unicode string of "aes128", "aes192", "aes256", "des", "tripledes_2key", "tripledes_3key", "rc2", "rc4" :param key: The encryption key - a byte string 5-32 bytes long :param data: The plaintext - a byte string :param iv: The initialization vector - a byte string - unused for RC4 :param padding: Boolean, if padding should be used - unused for RC4 :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A byte string of the ciphertext ; key must be a byte string, not %s < data must be a byte string, not %s r:: iv must be a byte string, not %s r4r5r6r"rpadding must be specifiedNrAr?int *) isinstancer TypeErrorrrsetr&r'rEVP_CIPHER_CTX_freeEVP_CIPHER_CTX_newr r_setup_evp_encrypt_decryptr ZEVP_EncryptInit_exEVP_CIPHER_CTX_set_key_lengthEVP_CIPHER_CTX_ctrlrEVP_CTRL_SET_RC2_KEY_BITSEVP_CIPHER_CTX_set_paddingintr rZEVP_EncryptUpdater r ZEVP_EncryptFinal_ex) r-r*r+r,paddingZis_aesevp_cipher_ctx evp_cipher buffer_sizeresbuffer output_lengthoutputr.r.r/r(:sr       r(c Cst|tsttdt|t|ts8ttdt||dkr\t|ts\ttdt||tddddgkr||s|tdd }z^t }t |rt d t ||\}}|d krt }|td dgkr6t||t t t }t |t|t|}t ||d kr0t|tjt|d t }t |t }t||t ||}t ||d k rtt|t|}t |t|} ttd } t|| | |t|}t |t| t| } t|| | }t || t| t| 7} | WS|rt|Xd S)a Decrypts AES/RC4/RC2/3DES/DES ciphertext :param cipher: A unicode string of "aes128", "aes192", "aes256", "des", "tripledes_2key", "tripledes_3key", "rc2", "rc4" :param key: The encryption key - a byte string 5-32 bytes long :param data: The ciphertext - a byte string :param iv: The initialization vector - a byte string - unused for RC4 :param padding: Boolean, if padding should be used - unused for RC4 :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by OpenSSL :return: A byte string of the plaintext rIrJr:rKr4r5r6rLNrrAr?rM)rNrrOrrrPr'rrQrRr rrSr ZEVP_DecryptInit_exrTr&rUrrVrWrXr rZEVP_DecryptUpdater r ZEVP_DecryptFinal_ex) r-r*r+r,rYrZr[r\r]r^r_r`r.r.r/r1sn      r1c Csxtjtjtjtjtjtjtjtjd|}|dkr>t |}n2dddddddd|}|t t t ||}||fS)a Creates an EVP_CIPHER pointer object and determines the buffer size necessary for the parameter specified. :param evp_cipher_ctx: An EVP_CIPHER_CTX pointer :param cipher: A unicode string of "aes128", "aes192", "aes256", "des", "tripledes_2key", "tripledes_3key", "rc2", "rc4" :param key: The key byte string :param data: The plaintext or ciphertext as a byte string :param padding: If padding is to be used :return: A 2-element tuple with the first element being an EVP_CIPHER pointer and the second being an integer that is the required buffer size )r4r5r6rAr:rHrErDr:r"r?)r4r5r6rArHrErD) rZEVP_aes_128_cbcZEVP_aes_192_cbcZEVP_aes_256_cbcZ EVP_rc2_cbcZEVP_rc4Z EVP_des_cbcZEVP_des_ede_cbcZEVP_des_ede3_cbcr&rXmathceil)r-r+r[r\ block_sizer.r.r/rSs2    rS)* __future__rrrrra_errorsr_ffirr r r r r Z _libcryptorrrrutilr_typesrr__all__rrrrr%rrrrr!r rrr(r1rSr.r.r.r/sF   0$'#!!!0-300,rn