o g9@sddlmZmZmZmZmZddlZddlmZddlm Z ddl m Z ddl mZmZmZGdddejeZGd d d ejeZed d d ZGdd d ejeZedeeZGdddeeejeZdS))ClassVarGenericOptionalTypeTypeVarN)encoding) exceptions)Encoder)EncryptedMessage StringFixerrandomc@seZdZUdZejjZee e d<e j fde de jfddZde fdd Zde fd d Zd edefd dZd edefddZdS) PublicKeya= The public key counterpart to an Curve25519 :class:`nacl.public.PrivateKey` for encrypting messages. :param public_key: [:class:`bytes`] Encoded Curve25519 public key :param encoder: A class that is able to decode the `public_key` :cvar SIZE: The size that the public key is required to be SIZE public_keyencodercCsH|||_t|jtstdt|j|jkr"td |jdS)Nz'PublicKey must be created from 32 bytesz,The public key must be exactly {} bytes long) decode _public_key isinstancebytesexc TypeErrorlenr ValueErrorformat)selfrrrE/var/www/html/api-tag/env/lib/python3.10/site-packages/nacl/public.py__init__$s   zPublicKey.__init__returncC|jSNrrrrr __bytes__4zPublicKey.__bytes__cCs tt|Sr )hashrr"rrr__hash__7s zPublicKey.__hash__othercCs&t||jsdStjt|t|SNF)r __class__naclbindings sodium_memcmprrr'rrr__eq__:s zPublicKey.__eq__cC ||k Sr rr-rrr__ne__? zPublicKey.__ne__N)__name__ __module__ __qualname____doc__r*r+crypto_box_PUBLICKEYBYTESrrint__annotations__r RawEncoderrr rr#r&objectboolr.r0rrrrr s   r c@seZdZUdZejjZee e d<ejj Z ee e d<e jfdede jfddZee jfdede jd dfd d Zd efd d Zd e fddZded efddZded efddZedddZdS) PrivateKeya{ Private key for decrypting messages using the Curve25519 algorithm. .. warning:: This **must** be protected and remain secret. Anyone who knows the value of your :class:`~nacl.public.PrivateKey` can decrypt any message encrypted by the corresponding :class:`~nacl.public.PublicKey` :param private_key: The private key used to decrypt messages :param encoder: The encoder class used to decode the given keys :cvar SIZE: The size that the private key is required to be :cvar SEED_SIZE: The size that the seed used to generate the private key is required to be r SEED_SIZE private_keyrcCsT||}t|trt||jkstd|jtj |}||_ t ||_ dS)Nz>PrivateKey must be created from a {} bytes long raw secret key)rrrrrrrrr*r+crypto_scalarmult_base _private_keyr r)rr>rraw_public_keyrrrrWs  zPrivateKey.__init__seedrcCsL||}t|trt||jkstd|jtj |\}}||S)ah Generate a PrivateKey using a deterministic construction starting from a caller-provided seed .. warning:: The seed **must** be high-entropy; therefore, its generator **must** be a cryptographic quality random function like, for example, :func:`~nacl.utils.random`. .. warning:: The seed **must** be protected and remain secret. Anyone who knows the seed is really in possession of the corresponding PrivateKey. :param seed: The seed used to generate the private key :rtype: :class:`~nacl.public.PrivateKey` z7PrivateKey seed must be a {} bytes long binary sequence) rrrrr=rrrr*r+crypto_box_seed_keypair)clsrBrraw_pkraw_skrrr from_seedns zPrivateKey.from_seedcCrr )r@r"rrrr#r$zPrivateKey.__bytes__cCstt|t|jfSr )r%typerrr"rrrr&szPrivateKey.__hash__r'cCst||jsdS|j|jkSr()rr)rr-rrrr.s  zPrivateKey.__eq__cCr/r rr-rrrr0r1zPrivateKey.__ne__cCs|ttjtjdS)z~ Generates a random :class:`~nacl.public.PrivateKey` object :rtype: :class:`~nacl.public.PrivateKey` r)r r<rrr9)rDrrrgenerateszPrivateKey.generateN)rr<)r2r3r4r5r*r+crypto_box_SECRETKEYBYTESrrr7r8crypto_box_SEEDBYTESr=rr9rr r classmethodrGr#r&r:r;r.r0rJrrrrr<Cs2   #r<_BoxBox)boundc @seZdZUdZejjZee e d<e e d<de de fddZde fd d Zeejfd eed e d edefddZdejfde dee d ejdefddZdejfde dee d ejde fddZde fddZdS)rOa/ The Box class boxes and unboxes messages between a pair of keys The ciphertexts generated by :class:`~nacl.public.Box` include a 16 byte authenticator which is checked as part of the decryption. An invalid authenticator will cause the decrypt function to raise an exception. The authenticator is not a signature. Once you've decrypted the message you've demonstrated the ability to create arbitrary valid message, so messages you send are repudiable. For non-repudiable messages, sign them after encryption. :param private_key: :class:`~nacl.public.PrivateKey` used to encrypt and decrypt messages :param public_key: :class:`~nacl.public.PublicKey` used to encrypt and decrypt messages :cvar NONCE_SIZE: The size that the nonce is required to be. NONCE_SIZE _shared_keyr>rcCsFt|tr t|tstdtj|jt j d|jt j d|_ dS)Nz5Box must be created from a PrivateKey and a PublicKeyrI) rr<r rrr*r+crypto_box_beforenmencoderr9rR)rr>rrrrrs    z Box.__init__rcCrr rRr"rrrr#r$z Box.__bytes__rDencodedrcCs||}|||_|S)z[ Alternative constructor. Creates a Box from an existing Box's shared key. )__new__rrR)rDrVrboxrrrrs  z Box.decodeN plaintextnoncecCsn|dur t|j}t||jkrtd|jtj|||j}| |}| |}t ||| ||S)a Encrypts the plaintext message using the given `nonce` (or generates one randomly if omitted) and returns the ciphertext encoded with the encoder. .. warning:: It is **VITALLY** important that the nonce is a nonce, i.e. it is a number used only once for any given key. If you fail to do this, you compromise the privacy of the messages encrypted. :param plaintext: [:class:`bytes`] The plaintext message to encrypt :param nonce: [:class:`bytes`] The nonce to use in the encryption :param encoder: The encoder to use to encode the ciphertext :rtype: [:class:`nacl.utils.EncryptedMessage`] N'The nonce must be exactly %s bytes long) r rQrrrr*r+crypto_box_afternmrRrTr _from_parts)rrYrZr ciphertext encoded_nonceencoded_ciphertextrrrencrypts$    z Box.encryptr^cCsb||}|dur|d|j}||jd}t||jkr&td|jtj|||j}|S)a Decrypts the ciphertext using the `nonce` (explicitly, when passed as a parameter or implicitly, when omitted, as part of the ciphertext) and returns the plaintext message. :param ciphertext: [:class:`bytes`] The encrypted message to decrypt :param nonce: [:class:`bytes`] The nonce used when encrypting the ciphertext :param encoder: The encoder used to decode the ciphertext. :rtype: [:class:`bytes`] Nr[) rrQrrrr*r+crypto_box_open_afternmrR)rr^rZrrYrrrdecrypt s z Box.decryptcCr)a Returns the Curve25519 shared secret, that can then be used as a key in other symmetric ciphers. .. warning:: It is **VITALLY** important that you use a nonce with your symmetric cipher. If you fail to do this, you compromise the privacy of the messages encrypted. Ensure that the key length of your cipher is 32 bytes. :rtype: [:class:`bytes`] rUr"rrr shared_key3s zBox.shared_key)r2r3r4r5r*r+crypto_box_NONCEBYTESrQrr7r8rr<r rr#rMrr9rrNr rrr rarcrdrrrrrOsP    . &_Keyc @seZdZUdZeed<eeed<defddZdefdd Z e j fd ed e j defd d Z e j fddded e j defddZdS) SealedBoxa_ The SealedBox class boxes and unboxes messages addressed to a specified key-pair by using ephemeral sender's keypairs, whose private part will be discarded just after encrypting a single plaintext message. The ciphertexts generated by :class:`~nacl.public.SecretBox` include the public part of the ephemeral key before the :class:`~nacl.public.Box` ciphertext. :param recipient_key: a :class:`~nacl.public.PublicKey` used to encrypt messages and derive nonces, or a :class:`~nacl.public.PrivateKey` used to decrypt messages. .. versionadded:: 1.2 rr@ recipient_keycCs^t|tr|jtjd|_d|_dSt|tr*|jtjd|_|jjtjd|_dSt d)NrIz:SealedBox must be created from a PublicKey or a PrivateKey) rr rTrr9rr@r<rrr)rrhrrrrZs    zSealedBox.__init__rcCrr r!r"rrrr#lr$zSealedBox.__bytes__rYrcCstj||j}||}|S)ay Encrypts the plaintext message using a random-generated ephemeral keypair and returns a "composed ciphertext", containing both the public part of the keypair and the ciphertext proper, encoded with the encoder. The private part of the ephemeral key-pair will be scrubbed before returning the ciphertext, therefore, the sender will not be able to decrypt the generated ciphertext. :param plaintext: [:class:`bytes`] The plaintext message to encrypt :param encoder: The encoder to use to encode the ciphertext :return bytes: encoded ciphertext )r*r+crypto_box_sealrrT)rrYrr^r`rrrraos zSealedBox.encryptrzSealedBox[PrivateKey]r^cCs4||}|jdurtdtj||j|j}|S)a Decrypts the ciphertext using the ephemeral public key enclosed in the ciphertext and the SealedBox private key, returning the plaintext message. :param ciphertext: [:class:`bytes`] The encrypted message to decrypt :param encoder: The encoder used to decode the ciphertext. :return bytes: The original plaintext :raises TypeError: if this SealedBox was created with a :class:`~nacl.public.PublicKey` rather than a :class:`~nacl.public.PrivateKey`. Nz4SealedBoxes created with a public key cannot decrypt)rr@rr*r+crypto_box_seal_openr)rr^rrYrrrrcs  zSealedBox.decryptN)r2r3r4r5rr8rrfrr#rr9r rarcrrrrrgEs0   rg)typingrrrrr nacl.bindingsr*rrr nacl.encodingr nacl.utilsr r r Encodabler r<rNrOrfrgrrrrs    , g