([f8dZddlZddlZddlmZddlmZddlmZddl m Z m Z ddl m Z ddlmZd d lmZd d lmZGd deZGddeZeddeddeddedededgZdS)z authlib.jose.rfc7518 ~~~~~~~~~~~~~~~~~~~~ Cryptographic Algorithms for Cryptographic Algorithms for Content Encryption per `Section 5`_. .. _`Section 5`: https://tools.ietf.org/html/rfc7518#section-5 N)default_backend)Cipher)AES)GCMCBC)PKCS7) InvalidTag)JWEEncAlgorithm) encode_intc*eZdZdZdZdZdZdZdS)CBCHS2EncAlgorithmcd|d||_d}||||_||_|dz|_|dz|_t td||_dS)NAzCBC-HSz9AES_{}_CBC_HMAC_SHA_{} authenticated encryption algorithmr sha) nameformat descriptionkey_sizekey_lenCEK_SIZEgetattrhashlibhash_alg)selfr hash_typetpls Q/var/www/piapp/venv/lib/python3.11/site-packages/authlib/jose/rfc7518/jwe_encs.py__init__zCBCHS2EncAlgorithm.__init__sq333 33 I::h ::! 1}  1  ):y):):;; ctt|dzd}||z|z|z}tj|||j}|d|jS)Nr@)r lenhmacnewrdigestr)r ciphertextaadivkeyalmsgds r!_hmaczCBCHS2EncAlgorithm._hmac(s` C1 b ) )Bh#b( HS#t} - - 4 4 6 6$,r#c6|||d|j}||jd}ttj}|||z}tt|t|t} | } | || z} | | |||} | | fS)aKey Encryption with AES_CBC_HMAC_SHA2. :param msg: text to be encrypt in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param key: encrypted key in bytes :return: (ciphertext, iv, tag) Nbackend) check_ivrrr block_sizepadderupdatefinalizerrr encryptorr1) rr/r+r,r-hkeyekeypad padded_datacipherencr*tags r!encryptzCBCHS2EncAlgorithm.encrypt.s b=DL=!4<==!CN##**,,jjoo 6 D 3r77O4E4EFFF  ZZ ,,s||~~= jjS"d333r#ct|||d|j}||jd}|||||}tj||st t t|t|t} | } | || z} ttj} | | | zS)aDKey Decryption with AES AES_CBC_HMAC_SHA2. :param ciphertext: ciphertext in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param tag: authentication tag in bytes :param key: encrypted key in bytes :return: message Nr3)r5rr1r'compare_digestr rrrr decryptorr8r9rr6unpadder) rr*r+r,rAr-r;dkey_tagr?r0dataunpads r!decryptzCBCHS2EncAlgorithm.decryptDs b=DL=!4<==!zz*c2t44"4-- ,, D 3r77O4E4EFFF     xx ##ajjll2cn%%..00||D!!ENN$4$444r#N)__name__ __module__ __qualname__IV_SIZEr"r1rBrKr#r!rrsWG < < <   ,55555r#rc$eZdZdZdZdZdZdS)GCMEncAlgorithm`cNd|d|_d|d|_||_||_dS)NrrzAES GCM using z-bit key)rrrr)rrs r!r"zGCMEncAlgorithm.__init__bs9%%%% >H>>>    r#cT||tt|t|t }|}|||||z}||j fS)aKey Encryption with AES GCM :param msg: text to be encrypt in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param key: encrypted key in bytes :return: (ciphertext, iv, tag) r3) r5rrrrr:authenticate_additional_datar8r9rA)rr/r+r,r-r?r@r*s r!rBzGCMEncAlgorithm.encrypths bC#b''?3D3DEEE   ((---ZZ__s||~~5 37""r#cD||tt|t||t }|}|||||zS)a5Key Decryption with AES GCM :param ciphertext: ciphertext in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param tag: authentication tag in bytes :param key: encrypted key in bytes :return: message r3) r5rrrrrErVr8r9)rr*r+r,rAr-r?r0s r!rKzGCMEncAlgorithm.decryptxs bC#b#,,8I8IJJJ      &&s+++xx ##ajjll22r#N)rLrMrNrOr"rBrKrPr#r!rRrR]sHG!!! ### 33333r#rRrii)__doc__r'rcryptography.hazmat.backendsr&cryptography.hazmat.primitives.ciphersr1cryptography.hazmat.primitives.ciphers.algorithmsr,cryptography.hazmat.primitives.ciphers.modesrr&cryptography.hazmat.primitives.paddingrcryptography.exceptionsr rfc7516r utilr rrRJWE_ENC_ALGORITHMSrPr#r!rds~ 888888999999AAAAAAAAAAAAAA888888......%%%%%%D5D5D5D5D5D5D5D5N)3)3)3)3)3o)3)3)3ZsC  sC  sC  OCOCOC r#