U e]d@sddlmZmZmZddlZddlZddlZddlZddlZddl Z ddl m Z ddl m Z ddlmZddlmZmZddlmZmZmZddlmZGd d d eZd ZGd d d eZGdddeZdS))absolute_importdivisionprint_functionN)utils)InvalidSignature)default_backend)hashespadding)Cipher algorithmsmodes)HMACc@s eZdZdS) InvalidTokenN)__name__ __module__ __qualname__rr5/usr/lib/python3/dist-packages/cryptography/fernet.pyrsr<c@s`eZdZdddZeddZddZdd Zdd d Zd d Z e ddZ ddZ ddZ dS)FernetNcCsR|dkrt}t|}t|dkr,td|dd|_|dd|_||_dS)N z4Fernet key must be 32 url-safe base64-encoded bytes.)rbase64urlsafe_b64decodelen ValueError _signing_key_encryption_key_backend)selfkeybackendrrr__init__s  zFernet.__init__cCsttdS)Nr)rurlsafe_b64encodeosurandom)clsrrr generate_key-szFernet.generate_keycCs$tt}td}||||S)Nr)inttimer$r%_encrypt_from_parts)rdata current_timeivrrrencrypt1s  zFernet.encryptc Cstd|ttjj}||| }t t|j t ||j}||| }dtd|||}t|jt|jd} | || } t|| S)Nr+>Qr!)r _check_bytesr PKCS7r AES block_sizepadderupdatefinalizer rr CBCr encryptorstructZpackr rrSHA256rr#) rr+r,r-r6Z padded_datar: ciphertextZ basic_partshZhmacrrrr*6s   zFernet._encrypt_from_partscCst|\}}||||SN)r_get_unverified_token_data _decrypt_data)rtokenttl timestampr+rrrdecryptIszFernet.decryptcCst|\}}|||Sr?)rr@_verify_signature)rrBrDr+rrrextract_timestampMs zFernet.extract_timestampc Cstd|zt|}Wnttjfk r8tYnX|rNt |ddkrRtzt d|dd\}Wnt j k rtYnX||fS)NrBrr0 ) rr2rr TypeErrorbinasciiErrorrsixZ indexbytesr;Zunpackerror)rBr+rDrrrr@Ss   z!Fernet._get_unverified_token_datacCs\t|jt|jd}||ddz||ddWntk rVtYnXdS)Nr1) r rrr<rr7Zverifyrr)rr+r>rrrrFds zFernet._verify_signaturec Cstt}|dk r4|||kr$t|t|kr4t|||dd}|dd}tt|jt ||j  }| |}z||7}Wntk rtYnXttjj} | |} z| | 7} Wntk rtYnX| S)NrJrP)r(r)r_MAX_CLOCK_SKEWrFr r r4rr r9r decryptorr7r8rr r3r5unpadder) rr+rDrCr,r-r=rSZplaintext_paddedrTZunpaddedrrrrAls4           zFernet._decrypt_data)N)N)rrrr" classmethodr'r.r*rErG staticmethodr@rFrArrrrrs    rc@s.eZdZddZddZddZd dd ZdS) MultiFernetcCst|}|std||_dS)Nz1MultiFernet requires at least one Fernet instance)listr_fernets)rZfernetsrrrr"s zMultiFernet.__init__cCs|jd|S)Nr)rYr.)rmsgrrrr.szMultiFernet.encryptc Csjt|\}}|jD]2}z|||d}WqLWqtk rDYqXqttd}|jd|||S)Nrr)rr@rYrArr$r%r*)rrZrDr+fpr-rrrrotates   zMultiFernet.rotateNc Cs<|jD],}z|||WStk r0YqXqtdSr?)rYrEr)rrZrCr[rrrrEs  zMultiFernet.decrypt)N)rrrr"r.r]rErrrrrWsrW)Z __future__rrrrrLr$r;r)rNZ cryptographyrZcryptography.exceptionsrZcryptography.hazmat.backendsrZcryptography.hazmat.primitivesrr Z&cryptography.hazmat.primitives.ciphersr r r Z#cryptography.hazmat.primitives.hmacr ExceptionrrRobjectrrWrrrrs     m