o cf&@sddlZddlmZejr+ddlmZddlmZmZm Z m Z m Z ej eee e e fZ dZdZdddefd d Zd ed d fddZd d dddefddZd d d edededejededefddZdeddfddZdededdfddZd d deddfddZd d d eddfd!d"Zd d d#edefd$d%Z d,d d ddded#ed ejed&ed'ejdefd(d)Z d,d d ddded#ed ejed&ed'ejdefd*d+ZdS)-N) InvalidTag)BackendAESCCMAESGCMAESOCB3AESSIVChaCha20Poly1305cipher _AEAD_TYPESreturncCsddlm}m}m}m}m}t||rdSt||r(dt|jdd dSt||r;dt|jdd dSt||rPdt|jdd d  dSt||sWJdt|jdd  dS) Nrrschacha20-poly1305zaes-z-ccmasciiz-ocbz-sivz-gcm) +cryptography.hazmat.primitives.ciphers.aeadrrrrr isinstancelen_keyencode)r rrrrr rV/opt/certbot/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/aead.py_aead_cipher_names     r cipher_namebackendrcCsl|dr%|j|jj||jj}|||jjk|j||jj}|S|j|}|||jjk|S)Ns-siv) endswith_libEVP_CIPHER_fetch_ffiNULLopenssl_assertgcEVP_CIPHER_freeEVP_get_cipherbyname)rr evp_cipherrrr _evp_cipher1s  r%keycCs||j}|||jjk|j||jj}t|}t||}|j |}|j |||jj||jjd}||dk|SNr) rEVP_CIPHER_CTX_newr rrr!EVP_CIPHER_CTX_freerr% from_bufferEVP_CipherInit_ex)rr r&ctxrr$key_ptrresrrr_aead_create_ctxAs   r/noncetagtag_len operationc Cs.t||}|j}|j||jj}|j|||jj|jj|jjt|t k} | | dk|j ||jj t ||jj} | | dk|tkrV|dusOJt|||n|dro|j ||jj||jj} | | dk|j|} |j|} |j||jj|jj| | t|t k} | | dk|S)Nrs-ccm)r%rr(rr!r)r+rint_ENCRYPTr EVP_CIPHER_CTX_ctrlEVP_CTRL_AEAD_SET_IVLENr_DECRYPT_set_tagrEVP_CTRL_AEAD_SET_TAGr*) rrr&r0r1r2r3r$r,r. nonce_ptrr-rrr _aead_setupXsN       r<cCs,|j||jjt||}||dkdSr')rr6r:rr )rr,r1r.rrrr9sr9c CsH|j|}|j||jj|jj|jj|t|tk}||dkdSr')rr*rr+rr4r5r )rr,r0r3r;r.rrr_set_nonce_operations  r=data_lencCs:|jd}|j||jj||jj|}||dkdSNint *r)rnewrEVP_CipherUpdaterr )rr,r>intptrr.rrr _set_length rDassociated_datacCs:|jd}|j||jj||t|}||dkdSr?)rrArrBrrr )rr,rFoutlenr.rrr _process_aadrErHdatacCsd|jd}|jdt|}|j||||t|}|dkr%|t|j||dddS)Nr@unsigned char[]r)rrArrrB_consume_errorsrbuffer)rr,rIrGbufr.rrr _process_datas rN tag_lengthr,cCsJddlm}m}|durt|} t|| |j|d|t}nt|||tt||r0t ||t ||D]} t ||| q2t |||} |j d} |j dd} |j|| | }||dk| |j | | ddd7} |j d|}|j||jj||}||dk|j |dd}t||r|t |dk|| S| |S)Nrrrr@rJ)rrrrr<rr5r=rrDrrHrNrrArEVP_CipherFinal_exr rLr6EVP_CTRL_AEAD_GET_TAG)rr r0rIrFrOr,rrradprocessed_datarGrMr.tag_bufr1rrr_encryptsB      rWcCsddlm}m}t||krtt||r"|d|} ||d}n|| d} |d| }|durDt|} t|| |j|| |t }n t |||t t ||| t||r^t ||t||D]} t ||| q`t||r|jd} |jdt|} |j|| | |t|}|dkr|t|j| | ddd}|St|||}|jd} |jdd} |j|| | }||j| | ddd7}|dkr|t|S)NrrPr@rJr rQ)rrrrrrrr<rr8r=r9rDrHrrArrBrKrLrNrR)rr r0rIrFrOr,rrr1rrTrGrMr.rUrrr_decryptsJ        rX)N) typingcryptography.exceptionsr TYPE_CHECKING,cryptography.hazmat.backends.openssl.backendrrrrrrr Unionr r5r8bytesrr%r/Optionalr4r<r9r=rDrHrNListAnyrWrXrrrrs     4  A