Ld8dZddlZddlZddlmZddlmZddlmZddl m Z m Z ddl m Z ddlmZd d lmZd d lmZGd deZGddeZeddeddeddedededgZdS)z authlib.jose.rfc7518 ~~~~~~~~~~~~~~~~~~~~ Cryptographic Algorithms for Cryptographic Algorithms for Content Encryption per `Section 5`_. .. _`Section 5`: https://tools.ietf.org/html/rfc7518#section-5 N)default_backend)Cipher)AES)GCMCBC)PKCS7) InvalidTag)JWEEncAlgorithm) encode_intc*eZdZdZdZdZdZdZdS)CBCHS2EncAlgorithmcd|||_d}||||_||_|dz|_|dz|_t td||_dS)Nz A{}CBC-HS{}z9AES_{}_CBC_HMAC_SHA_{} authenticated encryption algorithmr zsha{}) formatname descriptionkey_sizekey_lenCEK_SIZEgetattrhashlibhash_alg)selfr hash_typetpls CF:\djangOuth\env\Lib\site-packages\authlib/jose/rfc7518/jwe_encs.py__init__zCBCHS2EncAlgorithm.__init__st!((9== I::h ::! 1}  1   )B)BCC ctt|dzd}||z|z|z}tj|||j}|d|jS)Nr@)r lenhmacnewrdigestr)r ciphertextaadivkeyalmsgds r_hmaczCBCHS2EncAlgorithm._hmac(s` C1 b ) )Bh#b( HS#t} - - 4 4 6 6$,r!c6|||d|j}||jd}ttj}|||z}tt|t|t} | } | || z} | | |||} | | fS)aKey Encryption with AES_CBC_HMAC_SHA2. :param msg: text to be encrypt in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param key: encrypted key in bytes :return: (ciphertext, iv, tag) Nbackend) check_ivrrr block_sizepadderupdatefinalizerrr encryptorr/) rr-r)r*r+hkeyekeypad padded_datacipherencr(tags rencryptzCBCHS2EncAlgorithm.encrypt.s b=DL=!4<==!CN##**,,jjoo 6 D 3r77O4E4EFFF  ZZ ,,s||~~= jjS"d333r!ct|||d|j}||jd}|||||}tj||st t t|t|t} | } | || z} ttj} | | | zS)aDKey Decryption with AES AES_CBC_HMAC_SHA2. :param ciphertext: ciphertext in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param tag: authentication tag in bytes :param key: encrypted key in bytes :return: message Nr1)r3rr/r%compare_digestr rrrr decryptorr6r7rr4unpadder) rr(r)r*r?r+r9dkey_tagr=r.dataunpads rdecryptzCBCHS2EncAlgorithm.decryptDs b=DL=!4<==!zz*c2t44"4-- ,, D 3r77O4E4EFFF     xx ##ajjll2cn%%..00||D!!ENN$4$444r!N)__name__ __module__ __qualname__IV_SIZEr r/r@rIr!rrrsZG D D D   ,55555r!rc$eZdZdZdZdZdZdS)GCMEncAlgorithm`cd||_d||_||_||_dS)NzA{}GCMzAES GCM using {}-bit key)rrrrr)rrs rr zGCMEncAlgorithm.__init__bs=OOH-- 5<r(s rr@zGCMEncAlgorithm.encrypths bC#b''?3D3DEEE   ((---ZZ__s||~~5 37""r!cD||tt|t||t }|}|||||zS)a5Key Decryption with AES GCM :param ciphertext: ciphertext in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param tag: authentication tag in bytes :param key: encrypted key in bytes :return: message r1) r3rrrrrCrTr6r7)rr(r)r*r?r+r=r.s rrIzGCMEncAlgorithm.decryptxs bC#b#,,8I8IJJJ      &&s+++xx ##ajjll22r!N)rJrKrLrMr r@rIrNr!rrPrP]sHG!!! ### 33333r!rPrii)__doc__r%rcryptography.hazmat.backendsr&cryptography.hazmat.primitives.ciphersr1cryptography.hazmat.primitives.ciphers.algorithmsr,cryptography.hazmat.primitives.ciphers.modesrr&cryptography.hazmat.primitives.paddingrcryptography.exceptionsr rfc7516r utilr rrPJWE_ENC_ALGORITHMSrNr!rrbs~ 888888999999AAAAAAAAAAAAAA888888......%%%%%%D5D5D5D5D5D5D5D5N)3)3)3)3)3o)3)3)3ZsC  sC  sC  OCOCOC r!