o i@sddlmZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z m Z ddlmZmZmZddlmZGdd d eZd ZGd d d ZGd ddZdS)) annotationsN)utils)InvalidSignature)hashespadding)Cipher algorithmsmodes)HMACc@s eZdZdS) InvalidTokenN)__name__ __module__ __qualname__rrG/home/ubuntu/.local/lib/python3.10/site-packages/cryptography/fernet.pyr sr <c@seZdZ d*d+dd Zed,d d Zd-ddZd.ddZd/ddZd*d0ddZ d1ddZ d2ddZ e d3d!d"Z d4d#d$Zd5d(d)ZdS)6FernetNkey bytes | strbackend typing.AnyreturnNonec Cshzt|}Wntjy}ztd|d}~wwt|dkr$td|dd|_|dd|_dS)Nz4Fernet key must be 32 url-safe base64-encoded bytes. )base64urlsafe_b64decodebinasciiError ValueErrorlen _signing_key_encryption_key)selfrrexcrrr__init__s  zFernet.__init__bytescCsttdS)Nr)rurlsafe_b64encodeosurandom)clsrrr generate_key/szFernet.generate_keydatacC||ttSNencrypt_at_timeinttime)r#r,rrrencrypt3zFernet.encrypt current_timer1cCstd}||||S)Nr)r(r)_encrypt_from_parts)r#r,r5ivrrrr06s zFernet.encrypt_at_timer7c Cstd|ttjj}||| }t t|j t |}||| }d|jddd||}t|jt} | || } t|| S)Nr,big)length byteorder)r _check_bytesrPKCS7rAES block_sizepadderupdatefinalizerr"r CBC encryptorto_bytesr r!rSHA256rr') r#r,r5r7rA padded_datarE ciphertext basic_partshhmacrrrr6:s,    zFernet._encrypt_from_partstokenttl int | NonecCs:t|\}}|durd}n|ttf}||||Sr.)r_get_unverified_token_datar1r2 _decrypt_data)r#rMrN timestampr, time_inforrrdecryptSs zFernet.decryptcCs0|durtdt|\}}|||||fS)Nz6decrypt_at_time() can only be used with a non-None ttl)rrrPrQ)r#rMrNr5rRr,rrrdecrypt_at_time[s zFernet.decrypt_at_timecCst|\}}|||Sr.)rrP_verify_signature)r#rMrRr,rrrextract_timestampes zFernet.extract_timestamptuple[int, bytes]c Cst|ttfs tdzt|}Wn ttjfytw|r'|ddkr)tt |dkr1tt j |dddd}||fS)Nztoken must be bytes or strr r:)r<) isinstancestrr& TypeErrorrrrrr r r1 from_bytes)rMr,rRrrrrPks z!Fernet._get_unverified_token_datacCsNt|jt}||ddz ||ddWdSty&tw)N)r r!rrGrBverifyrr )r#r,rKrrrrV~s zFernet._verify_signaturerRrStuple[int, int] | Nonec Cs|dur|\}}|||krt|t|krt|||dd}|dd}tt|jt| }| |} z| | 7} Wn t yMtwt tjj} | | } z | | 7} W| St yntw)NrZr`)r _MAX_CLOCK_SKEWrVrrr?r"r rD decryptorrBrCrrr>r@unpadder) r#r,rRrSrNr5r7rIreplaintext_paddedrfunpaddedrrrrQs8         zFernet._decrypt_datar.)rrrrrr)rr&)r,r&rr&)r,r&r5r1rr&)r,r&r5r1r7r&rr&)rMrrNrOrr&)rMrrNr1r5r1rr&)rMrrr1)rMrrrX)r,r&rr)r,r&rRr1rSrbrr&)r r rr% classmethodr+r3r0r6rTrUrW staticmethodrPrVrQrrrrrs          rc@sTeZdZdddZddd Zdd d ZdddZddddZd ddZd!ddZ dS)" MultiFernetfernetstyping.Iterable[Fernet]cCst|}|s td||_dS)Nz1MultiFernet requires at least one Fernet instance)listr_fernets)r#rlrrrr%s  zMultiFernet.__init__msgr&rcCr-r.r/)r#rprrrr3r4zMultiFernet.encryptr5r1cCs|jd||S)Nr)ror0)r#rpr5rrrr0szMultiFernet.encrypt_at_timerc Csbt|\}}|jD]}z |||d}Wn tyYq wttd}|jd|||S)Nrr)rrProrQr r(r)r6)r#rprRr,fpr7rrrrotates   zMultiFernet.rotateNrNrOc Cs4|jD]}z |||WStyYqwtr.)rorTr )r#rprNrqrrrrTs  zMultiFernet.decryptc Cs6|jD]}z ||||WStyYqwtr.)rorUr )r#rprNr5rqrrrrUs  zMultiFernet.decrypt_at_timec Cs2|jD]}z||WStyYqwtr.)rorWr )r#rprqrrrrWs  zMultiFernet.extract_timestamp)rlrm)rpr&rr&)rpr&r5r1rr&)rprrr&r.)rprrNrOrr&)rprrNr1r5r1rr&)rprrr1) r r rr%r3r0rsrTrUrWrrrrrks       rk) __future__rrrr(r2typing cryptographyrcryptography.exceptionsrcryptography.hazmat.primitivesrr&cryptography.hazmat.primitives.ciphersrrr #cryptography.hazmat.primitives.hmacr Exceptionr rdrrkrrrrs