a |f@sddlmZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z m Z ddlmZmZmZddlmZGdd d eZd ZGd d d ZGd ddZdS)) annotationsN)utils)InvalidSignature)hashespadding)Cipher algorithmsmodes)HMACc@s eZdZdS) InvalidTokenN)__name__ __module__ __qualname__rrMD:\Projects\storyit_web\backend\venv\Lib\site-packages\cryptography/fernet.pyr sr <c@seZdZd)ddddddZedd d d Zddd d dZddddddZdddddddZd*ddddddZ dddddddZ dddddZ e dd dd!d"Z ddd d#d$Zddd%dd&d'd(ZdS)+FernetNtyping.Union[bytes, str]z typing.AnyNone)keybackendreturnc Cstzt|}Wn0tjy>}ztd|WYd}~n d}~00t|dkrTtd|dd|_|dd|_dS)Nz4Fernet key must be 32 url-safe base64-encoded bytes. )base64urlsafe_b64decodebinasciiError ValueErrorlen _signing_key_encryption_key)selfrrexcrrr__init__s zFernet.__init__bytes)rcCsttdS)Nr)rurlsafe_b64encodeosurandom)clsrrr generate_key/szFernet.generate_key)datarcCs||ttSNencrypt_at_timeinttime)r"r+rrrencrypt3szFernet.encryptr/)r+ current_timercCstd}||||S)Nr)r'r(_encrypt_from_parts)r"r+r2ivrrrr.6s zFernet.encrypt_at_time)r+r2r4rc Cstd|ttjj}||| }t t|j t |}||| }d|jddd||}t|jt} | || } t|| S)Nr+big)length byteorder)rZ _check_bytesrPKCS7rAES block_sizepadderupdatefinalizerr!r CBC encryptorto_bytesr r rSHA256rr&) r"r+r2r4r=Z padded_datarA ciphertextZ basic_partshhmacrrrr3:s(    zFernet._encrypt_from_partstyping.Optional[int])tokenttlrcCs:t|\}}|durd}n|ttf}||||Sr,)r_get_unverified_token_datar/r0 _decrypt_data)r"rHrI timestampr+ time_inforrrdecryptSs zFernet.decrypt)rHrIr2rcCs0|durtdt|\}}|||||fS)Nz6decrypt_at_time() can only be used with a non-None ttl)rrrJrK)r"rHrIr2rLr+rrrdecrypt_at_time]s zFernet.decrypt_at_time)rHrcCst|\}}|||Sr,)rrJ_verify_signature)r"rHrLr+rrrextract_timestampgs zFernet.extract_timestampztyping.Tuple[int, bytes]c Cst|ttfstdzt|}Wnttjfy@tYn0|rR|ddkrVtt |dkrftt j |dddd}||fS)Nztoken must be bytes or strr r7)r9) isinstancestrr% TypeErrorrrrrr rr/ from_bytes)rHr+rLrrrrJms  z!Fernet._get_unverified_token_datacCsTt|jt}||ddz||ddWntyNtYn0dS)N)r r rrCr>verifyrr )r"r+rErrrrPs  zFernet._verify_signaturez'typing.Optional[typing.Tuple[int, int]])r+rLrMrc Cs|dur0|\}}|||kr t|t|kr0t|||dd}|dd}tt|jt| }| |} z| | 7} Wnt ytYn0t tjj} | | } z| | 7} Wnt ytYn0| S)NrSrY)r _MAX_CLOCK_SKEWrPrrr;r!r r@ decryptorr>r?rrr:r<unpadder) r"r+rLrMrIr2r4rDr]Zplaintext_paddedr^ZunpaddedrrrrKs0           zFernet._decrypt_data)N)N)r r rr$ classmethodr*r1r.r3rNrOrQ staticmethodrJrPrKrrrrrs  rc@steZdZddddZdddddZdd dd d d Zd ddddZdd dddddZd d d ddddZdS) MultiFernetztyping.Iterable[Fernet])fernetscCst|}|std||_dS)Nz1MultiFernet requires at least one Fernet instance)listr_fernets)r"rbrrrr$s zMultiFernet.__init__r%)msgrcCs||ttSr,r-)r"rerrrr1szMultiFernet.encryptr/)rer2rcCs|jd||S)Nr)rdr.)r"rer2rrrr.szMultiFernet.encrypt_at_timerc Csht|\}}|jD]0}z|||d}WqJWqtyBYq0qttd}|jd|||S)Nrr)rrJrdrKr r'r(r3)r"rerLr+fpr4rrrrotates    zMultiFernet.rotateNrG)rerIrc Cs:|jD]*}z|||WSty.Yq0qtdSr,)rdrNr )r"rerIrfrrrrNs   zMultiFernet.decrypt)rerIr2rc Cs<|jD],}z||||WSty0Yq0qtdSr,)rdrOr )r"rerIr2rfrrrrOs   zMultiFernet.decrypt_at_time)N) r r rr$r1r.rhrNrOrrrrras ra) __future__rrrr'r0typingZ cryptographyrZcryptography.exceptionsrZcryptography.hazmat.primitivesrrZ&cryptography.hazmat.primitives.ciphersrrr Z#cryptography.hazmat.primitives.hmacr Exceptionr r\rrarrrrs