HEX

File: //proc/self/root/lib/python3/dist-packages/nacl/__pycache__/secret.cpython-38.pyc
U

�֫[6�@sbddlmZmZmZddlZddlmZddlmZddl	m
Z
mZmZGdd�dej
ee�ZdS)�)�absolute_import�division�print_functionN)�encoding)�
exceptions)�EncryptedMessage�StringFixer�randomc@sfeZdZdZejjZejjZ	ejj
ZejjZ
ejfdd�Zdd�Zdejfdd�Zdejfd	d
�ZdS)�	SecretBoxa5
    The SecretBox class encrypts and decrypts messages using the given secret
    key.

    The ciphertexts generated by :class:`~nacl.secret.Secretbox` include a 16
    byte authenticator which is checked as part of the decryption. An invalid
    authenticator will cause the decrypt function to raise an exception. The
    authenticator is not a signature. Once you've decrypted the message you've
    demonstrated the ability to create arbitrary valid message, so messages you
    send are repudiable. For non-repudiable messages, sign them after
    encryption.

    :param key: The secret key used to encrypt and decrypt messages
    :param encoder: The encoder class used to decode the given key

    :cvar KEY_SIZE: The size that the key is required to be.
    :cvar NONCE_SIZE: The size that the nonce is required to be.
    :cvar MACBYTES: The size of the authentication MAC tag in bytes.
    :cvar MESSAGEBYTES_MAX: The maximum size of a message which can be
                            safely encrypted with a single key/nonce
                            pair.
    cCsF|�|�}t|t�st�d��t|�|jkr<t�d|j��||_dS)Nz'SecretBox must be created from 32 bytesz%The key must be exactly %s bytes long)	�decode�
isinstance�bytes�exc�	TypeError�len�KEY_SIZE�
ValueError�_key)�self�key�encoder�r�-/usr/lib/python3/dist-packages/nacl/secret.py�__init__4s


��zSecretBox.__init__cCs|jS)N)r)rrrr�	__bytes__AszSecretBox.__bytes__NcCsn|dkrt|j�}t|�|jkr0t�d|j��tj�|||j�}|�	|�}|�	|�}t
�|||�	||��S)aL
        Encrypts the plaintext message using the given `nonce` (or generates
        one randomly if omitted) and returns the ciphertext encoded with the
        encoder.

        .. warning:: It is **VITALLY** important that the nonce is a nonce,
            i.e. it is a number used only once for any given key. If you fail
            to do this, you compromise the privacy of the messages encrypted.
            Give your nonces a different prefix, or have one side use an odd
            counter and one an even counter. Just make sure they are different.

        :param plaintext: [:class:`bytes`] The plaintext message to encrypt
        :param nonce: [:class:`bytes`] The nonce to use in the encryption
        :param encoder: The encoder to use to encode the ciphertext
        :rtype: [:class:`nacl.utils.EncryptedMessage`]
        N�'The nonce must be exactly %s bytes long)r	�
NONCE_SIZErrr�nacl�bindingsZcrypto_secretboxr�encoderZ_from_parts)r�	plaintext�noncer�
ciphertextZ
encoded_nonceZencoded_ciphertextrrr�encryptDs"
��

�zSecretBox.encryptcCsb|�|�}|dkr.|d|j�}||jd�}t|�|jkrLt�d|j��tj�|||j�}|S)a�
        Decrypts the ciphertext using the `nonce` (explicitly, when passed as a
        parameter or implicitly, when omitted, as part of the ciphertext) and
        returns the plaintext message.

        :param ciphertext: [:class:`bytes`] The encrypted message to decrypt
        :param nonce: [:class:`bytes`] The nonce used when encrypting the
            ciphertext
        :param encoder: The encoder used to decode the ciphertext.
        :rtype: [:class:`bytes`]
        Nr)	rrrrrrrZcrypto_secretbox_openr)rr"r!rr rrr�decryptis
��zSecretBox.decrypt)�__name__�
__module__�__qualname__�__doc__rrZcrypto_secretbox_KEYBYTESrZcrypto_secretbox_NONCEBYTESrZcrypto_secretbox_MACBYTESZMACBYTESZ!crypto_secretbox_MESSAGEBYTES_MAXZMESSAGEBYTES_MAXrZ
RawEncoderrrr#r$rrrrr
s
%r
)Z
__future__rrrZ
nacl.bindingsrrrrZ
nacl.utilsrrr	Z	Encodable�objectr
rrrr�<module>s