o ӷ6i@sddlZddlZddlmZddlmZmZmZddlm Z m Z m Z ddl m Z ddlmZddlmZddlmZd d lmZeZGd d d eZdd dZejZddZdddZGdddZGdddeZdS)N)Error) constant_timehashespadding)Cipher algorithmsmodes)HMAC) PBKDF2HMAC)crypto) force_bytes)CryptographyConfc@s eZdZdS) InvalidTokenN)__name__ __module__ __qualname__rre/var/www/hoanhtaovolam_webdjango/env/lib/python3.10/site-packages/django_cryptography/utils/crypto.pyrsrcCsj|durtj}t|}t|}tjtjtjd}||||}t |tjtjd}|t||S)a+ Returns the HMAC-HASH of 'value', using a key generated from key_salt and a secret (which defaults to settings.SECRET_KEY). A different key_salt should be passed in for every application of HMAC. :type key_salt: any :type value: any :type secret: any :rtype: HMAC N)backend) settings SECRET_KEYr rHashCRYPTOGRAPHY_DIGESTCRYPTOGRAPHY_BACKENDupdatefinalizer )key_saltvaluesecretdigestkeyhrrr salted_hmacs r#cCstt|t|S)z> :type val1: any :type val2: any :rtype: bool )rbytes_eqr )val1val2rrrconstant_time_compare<sr'cCsF|durtj}|s |j}t|}t|}t||||tjd}||S)a  Implements PBKDF2 with the same API as Django's existing implementation, using cryptography. :type password: any :type salt: any :type iterations: int :type dklen: int :type digest: cryptography.hazmat.primitives.hashes.HashAlgorithm N) algorithmlengthsalt iterationsr)rr digest_sizer r rderive)passwordr*r+dklenr kdfrrrpbkdf2Es  r1c@s4eZdZdZd ddZddZddZd d d ZdS) FernetBytesa$ This is a modified version of the Fernet encryption algorithm from the Python Cryptography library. The main change is the allowance of varied length cryptographic keys from the base 128-bit. There is also an emphasis on using Django's settings system for sane defaults. NcCs8|dur ddlm}|}tj|_|ptj|_||_dS)Nr  FernetSigner) core.signingr4rr_backendCRYPTOGRAPHY_KEY_encryption_key_signer)selfr!signerr4rrr__init__hs    zFernetBytes.__init__cCst|}td}|||S)z5 :type data: any :rtype: any )r osurandom_encrypt_from_parts)r:dataivrrrencryptqs  zFernetBytes.encryptcCsfttjj}|||}tt|j t ||j  }|||}|j||S)zO :type data: bytes :type iv: bytes :rtype: any )rPKCS7rAES block_sizepadderrrrr8rCBCr6 encryptorr9sign)r:rArBrG padded_datarI ciphertextrrrr@zszFernetBytes._encrypt_from_partsc Cs|j||}|dd}|dd}tt|jt||j }| |}z|| 7}Wn t y9t wttjj}| |}z || 7}W|St yZt w)zP :type data: bytes :type ttl: int :rtype: bytes Nr=)r9unsignrrrEr8rrHr6 decryptorrr ValueErrorrrrDrFunpadder) r:rAttlrBrLrNplaintext_paddedrPunpaddedrrrdecrypts,      zFernetBytes.decrypt)NNN)rrr__doc__r<rCr@rTrrrrr2`s    r2cs6eZdZfddZfddZdfdd ZZS) FernetcsPt|}t|dkrtdddlm}t|dd||dddS)N z4Fernet key must be 32 url-safe base64-encoded bytes.r r3r=)base64urlsafe_b64decodelenrOr5r4superr<)r:r!r4 __class__rrr<s   &zFernet.__init__cst||}t|SrU)r\r@rYurlsafe_b64encode)r:rArBpayloadr]rrr@s zFernet._encrypt_from_partsNc s4zt|}Wn ttfytwt||SrU)rYrZ TypeErrorrrr\rT)r:tokenrQrAr]rrrTs zFernet.decryptrU)rrrr<r@rT __classcell__rrr]rrWs  rWrU)rN)rYr>binasciircryptography.hazmat.primitivesrrr&cryptography.hazmat.primitives.ciphersrrr#cryptography.hazmat.primitives.hmacr )cryptography.hazmat.primitives.kdf.pbkdf2r django.utilsr django.utils.encodingr confrr Exceptionrr#get_random_stringr'r1r2rWrrrrs$       $ F