mg*xUdZddlmZmZmZmZmZddlmZm Z m Z m Z ddl m Z mZmZddlmZeeeeeeefZeeeedeffZgZeeed<gZeeed <iZeed <Gd dZGd d eZGddeZGddeZGddeZ dedeedededdf dZ!deefdZ"deefdZ# dFdededefdZ$ dGded ed!eded"ed#edefd$Z%d%e d&d'fd(ed)d'fd*ed+d'fd,ed-d'fd.ed/d'fd0ed1d'fd2ed3dfd4ed5dfd6ed7dfd8ed9dfd:ed;dfded?dfd@edAdfdBedCdfdDedEdffZ&e&D]Z'e!e' y)Hz!Symmetric key encryption handlers)DictListOptionalTupleType) BasicCipher GCMCipher ChachaCipherget_cipher_params)MACget_mac_paramsget_mac)UInt64 Encryption _enc_algs_default_enc_algs _enc_paramsceZdZdZe ddededededededdfd Zedede e e effd Z d e d ed ede eeffdZ d e dede de eeffdZ d e dedede dedeef dZy)rz.Parent class for SSH packet encryption objects cipher_namekeyivmac_algmac_keyetmreturnct)z,Construct a new SSH packet encryption objectNotImplementedErrorclsrrrrrrs 3lib/python3.12/site-packages/asyncssh/encryption.pynewzEncryption.new*s "!ct|S)=Get parameters of the MAC algorithm used with this encryption)rr!rs r"rzEncryption.get_mac_params1sg&&r$seqheaderpacketctEncrypt and sign an SSH packetrselfr(r)r*s r"encrypt_packetzEncryption.encrypt_packet7 "!r$ first_block header_lenct)Decrypt an SSH packet headerrr/r(r2r3s r"decrypt_headerzEncryption.decrypt_header=r1r$firstrestmacct)1Verify the signature of and decrypt an SSH packetrr/r(r8r9r3r:s r"decrypt_packetzEncryption.decrypt_packetCr1r$Nr$r$F)__name__ __module__ __qualname____doc__ classmethodstrbytesboolr#rintrr0r7rr>r$r"rr's 8KN.3"c""5"5""'+"8D"" 'U'uS#t^/D'' "#"u"$").ue|)<" "#"E"#&"+0+>" "#"e"5"#&"-2"7?"r$ceZdZdZdedefdZe ddede de de d e d e d dfd Z d e de de d e e e ffdZd e de de d e e e ffdZd e de de de de d ee f dZy)BasicEncryptionzShim for basic encryptioncipherr:c ||_||_yN)_cipher_mac)r/rLr:s r"__init__zBasicEncryption.__init__Ms  r$rrrrrrrcbt|||}t||}|r t||S|||S)z>Construct a new SSH packet encryption object for basic ciphers)r r ETMEncryption) r!rrrrrrrLr:s r"r#zBasicEncryption.newQs; [#r2gw'  - -vs# #r$r(r)r*c||z}|jr|jj||nd}|jj||fS)r-r$)rPsignrOencrypt)r/r(r)r*r:s r"r0zBasicEncryption.encrypt_packet^sC&-1YYdiinnS&)C||##F+S00r$r2r3cF|jj|}||d|fSr5N)rOdecryptr6s r"r7zBasicEncryption.decrypt_headergs*ll**;7 K 444r$r8r9c||jj|z}|jj|||r||dSyr<N)rOrYrPverifyr/r(r8r9r3r:r*s r"r>zBasicEncryption.decrypt_packetosC--d33 99  C -*+& &r$Nr?)r@rArBrCr r rQrDrErFrGr#rHrr0r7rr>rIr$r"rKrKJs#{KN.3 $c $ $5 $5 $ $'+ $8I $ $1#1u1$1).ue|)<15#5E5#&5+0+>5 # e 5 #& -2 7? r$rKc zeZdZdZdedededeeeffdZdedededeeeffd Zded ed eded ede ef d Z y)rSz$Shim for encrypt-then-mac encryptionr(r)r*rcz||jj|z}||jj||fSr,)rOrVrPrUr.s r"r0zETMEncryption.encrypt_packet~s7$,,..v66tyy~~c6222r$r2r3c||d|fSrXrIr6s r"r7zETMEncryption.decrypt_headerK 444r$r8r9r:c||z}|jj|||r|jj||dSyr[)rPr\rOrYr]s r"r>zETMEncryption.decrypt_packetsB 99  C -<<''z{(;< <r$N) r@rArBrCrHrFrr0r7rr>rIr$r"rSrS{s.3#3u3$3).ue|)<35#5E5#&5+0+>5 # e 5 #& -2 7? r$rSceZdZdZdefdZe ddededededed e d dfd Z eded e e e e ffd Z d e deded e eeffdZd e dede d e eeffdZd e dedede ded eef dZy) GCMEncryptionzShim for GCM encryptionrLc||_yrNrOr/rLs r"rQzGCMEncryption.__init__  r$rrrrrrrc(|t|||S)zzGCMEncryption.decrypt_packets7||..u[j/A/4Z[/AD/H#O Or$Nr?)r@rArBrCr rQrDrErFrGr#rrHrr0r7rr>rIr$r"rdrds!!yKN.34c4454544'+48G44 UuS#t^/D =#=u=$=).ue|)<= 5#5E5#&5+0+>5 O#OeO5O#&O-2O7?Or$rdceZdZdZdefdZe ddededededed e d dfd Z eded e e e e ffd Z d e deded e eeffdZd e dede d e eeffdZd e dedede ded eef dZy)ChachaEncryptionz%Shim for chacha20-poly1305 encryptionrLc||_yrNrfrgs r"rQzChachaEncryption.__init__rhr$rrrrrrrc$|t|S)z?Construct a new SSH packet encryption object for Chacha ciphers)r r s r"r#zChachaEncryption.news <$%%r$cyrkrIr's r"rzChachaEncryption.get_mac_paramsrmr$r(r)r*cN|jj||t|Sr,)rOrorr.s r"r0zChachaEncryption.encrypt_packets!||,,VVVC[IIr$r2r3cV||jj|d|t|fSrX)rOr7rr6s r"r7zChachaEncryption.decrypt_headers3 ++K ,D,23K9: :r$r8r9r:cb|jj|d|||d|zt||Sr[)rOrrrr=s r"r>zChachaEncryption.decrypt_packets>||..u[j/A/4Z[/AD/H/5c{CA Ar$Nr?)r@rArBrCr rQrDrErFrGr#rrHrr0r7rr>rIr$r"rtrts&/|KN.3&c&&5&5&&'+&8J&& UuS#t^/D J#JuJ$J).ue|)<J :#:E:#&:+0+>:A#AeA5A#&A-2A7?Ar$rtenc_alg encryptionrdefaultrNc t|tj||rtj|||ft|<y#t $rYywxYw)z Register an encryption algorithmN)r rappendrrKeyError)r{r|rr}s r"register_encryption_algrsS 9+& !   $ $W - *K8 G    s A AActS)z&Return supported encryption algorithms)rrIr$r"get_encryption_algsrs  r$ctS)z$Return default encryption algorithms)rrIr$r"get_default_encryption_algsrs  r$rcrt|\}}t|\}}}|j|\}}} |||||| fS)z1Get parameters of an encryption and MAC algorithm)rr r) r{rr|r enc_keysize enc_ivsize enc_blocksize mac_keysize mac_hashsizers r"get_encryption_paramsrsS*'2J ->{-K*K]%/%>%>w%G"Ks ] s ,,r$FrrrrcFt|\}}|j||||||S)z:Return an object which can encrypt and decrypt SSH packets)rr#)r{rrrrrr|rs r"get_encryptionrs,*'2J >>+sB# FFr$schacha20-poly1305@openssh.comzchacha20-poly1305Tsaes256-gcm@openssh.comz aes256-gcmsaes128-gcm@openssh.comz aes128-gcms aes256-ctrz aes256-ctrs aes192-ctrz aes192-ctrs aes128-ctrz aes128-ctrs aes256-cbcz aes256-cbcs aes192-cbcz aes192-cbcs aes128-cbcz aes128-cbcs3des-cbczdes3-cbcs blowfish-cbcz blowfish-cbcs cast128-cbcz cast128-cbcsseed-cbc@ssh.comzseed-cbcs arcfour256 arcfour256s arcfour128 arcfour128sarcfourarcfour)r$r?)(rCtypingrrrrrcryptor r r r r:r rrr*rrHrG _EncParamsrFrE _EncParamsMapr__annotations__rrrrKrSrdrtrrrrr _enc_alg_list _enc_alg_argsrIr$r"rs*(44KK--3S#sD0 1 UE$|"4c"9::;  4;!#4;# ] " "F.j.bO8$OJ$ON'Az'AT9U9Z8H9),97;9@D9"T%[ T%[,/ ,5 ,#( ,3= ,LO5:GEGG5G5G!G.2G?IG&'7$ }$ }$ $ $ $ %!%!%!%!%!%!%!%!%!%!?! F#M]+#r$