o Df@sdZddlZddlZddlmZddlmZddlmZddl m Z m Z ddl m Z ddlmZd d lmZd d lmZGd ddeZGdddeZeddeddeddedededgZdS)z authlib.jose.rfc7518 ~~~~~~~~~~~~~~~~~~~~ Cryptographic Algorithms for Cryptographic Algorithms for Content Encryption per `Section 5`_. .. _`Section 5`: https://tools.ietf.org/html/rfc7518#section-5 N)default_backend)Cipher)AES)GCMCBC)PKCS7) InvalidTag)JWEEncAlgorithm) encode_intc@s0eZdZdZddZddZddZdd Zd S) CBCHS2EncAlgorithmcCsTd|d||_d}||||_||_|d|_|d|_ttd||_dS)NAzCBC-HSz9AES_{}_CBC_HMAC_SHA_{} authenticated encryption algorithmr sha) nameformat descriptionkey_sizekey_lenCEK_SIZEgetattrhashlibhash_alg)selfr hash_typetplrV/home/ubuntu/webapp/venv/lib/python3.10/site-packages/authlib/jose/rfc7518/jwe_encs.py__init__s  zCBCHS2EncAlgorithm.__init__cCsDtt|dd}||||}t|||j}|d|jS)Nr@)r lenhmacnewrdigestr)r ciphertextaadivkeyalmsgdrrr_hmac(szCBCHS2EncAlgorithm._hmacc Cs|||d|j}||jd}ttj}|||}tt|t |t d} | } | || } | | |||} | | fS)aKey Encryption with AES_CBC_HMAC_SHA2. :param msg: text to be encrypt in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param key: encrypted key in bytes :return: (ciphertext, iv, tag) Nbackend) check_ivrrr block_sizepadderupdatefinalizerrr encryptorr-) rr+r'r(r)hkeyekeypad padded_datacipherencr&tagrrrencrypt.s zCBCHS2EncAlgorithm.encryptc Cs|||d|j}||jd}|||||}t||s$ttt|t|t d} | } | || } t tj} | | | S)aDKey Decryption with AES AES_CBC_HMAC_SHA2. :param ciphertext: ciphertext in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param tag: authentication tag in bytes :param key: encrypted key in bytes :return: message Nr.)r0rr-r#compare_digestrrrrr decryptorr3r4rr1unpadder) rr&r'r(r<r)r6dkey_tagr:r,dataunpadrrrdecryptDs  zCBCHS2EncAlgorithm.decryptN)__name__ __module__ __qualname__IV_SIZEr r-r=rErrrrr s   r c@s(eZdZdZddZddZddZdS) GCMEncAlgorithm`cCs,d|d|_d|d|_||_||_dS)NrrzAES GCM using z-bit key)rrrr)rrrrrr bs zGCMEncAlgorithm.__init__cCsP||tt|t|td}|}|||||}||j fS)aKey Encryption with AES GCM :param msg: text to be encrypt in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param key: encrypted key in bytes :return: (ciphertext, iv, tag) r.) r0rrrrr5authenticate_additional_datar3r4r<)rr+r'r(r)r:r;r&rrrr=hs   zGCMEncAlgorithm.encryptcCsH||tt|t||td}|}|||||S)a5Key Decryption with AES GCM :param ciphertext: ciphertext in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param tag: authentication tag in bytes :param key: encrypted key in bytes :return: message r.) r0rrrrr?rLr3r4)rr&r'r(r<r)r:r,rrrrExs  zGCMEncAlgorithm.decryptN)rFrGrHrIr r=rErrrrrJ]s  rJrii)__doc__r#rcryptography.hazmat.backendsr&cryptography.hazmat.primitives.ciphersr1cryptography.hazmat.primitives.ciphers.algorithmsr,cryptography.hazmat.primitives.ciphers.modesrr&cryptography.hazmat.primitives.paddingrcryptography.exceptionsrrfc7516r utilr r rJJWE_ENC_ALGORITHMSrrrrs(        G-