ffo(ddlmZddlmZddlmZddlmZmZddl m Z m Z m Z ddl mZdZd dZGd d eZ dd ZdS)) unhexlify)BLAKE2s)strxor) long_to_bytes bytes_to_long)bordtobytes _copy_bytes)get_random_bytesNct|dz|z }t|t|t| dS)N)rrlen)bsxor_lsbnums r/builddir/build/BUILD/imunify360-venv-2.3.5/opt/imunify360/venv/lib64/python3.11/site-packages/Crypto/Hash/CMAC.py _shift_bytesr$s@    !W ,C c"gg & &Bxyy 11cFeZdZdZdZdZdZdZdZdZ dZ d Z d Z dS) CMACzA CMAC hash object. Do not instantiate directly. Use the :func:`new` function. :ivar digest_size: the size in bytes of the resulting MAC tag :vartype digest_size: integer Nch||_tdd||_||_||_|jx|_}d|_||_|dkr d}d|_ n"|dkr d}d|_ ntd|zd|z} |j ||j fi|j|_ |j | } t| d d zrt!| ||_nt!| |_t|jd d zrt!|j||_nt!|j|_|j ||j| fi|j|_t+||_d |_| |_d|_d |_|r||dSdS) NilzACMAC requires a cipher with a block size of 8 or 16 bytes, not %dr) digest_sizer _key_factory_cipher_params block_size _block_size_mac_tag_update_after_digest _max_size TypeErrornewMODE_ECB_ecbencryptrr_k1_k2MODE_CBC_cbc bytearray_cache_cache_n_last_ct_last_pt _data_sizeupdate) selfkeymsg ciphermod cipher_paramsmac_lenupdate_after_digestrconst_Rb zero_blockLs r__init__z CMAC.__init__3s#dC00 ! + ) 442 $7! 77H*DNN 2XXH+DNN8:<=>> >r\ !IM#"+"499$($799  I  j ) ) !::  '#Ax00DHH#ADH   t # .#DHh77DHH#DH--DH"IM#"+"4",99%)$799  mm  #     KK       rc|j|jstd|xjt |z c_|j}|jdkrt||jz t |}|d||j|j|j|z<|xj|z c_|j|kr|St||d}| |jd|_t ||z}|dkr4| |d| || d|jd|<n| |||_|S)zAuthenticate the next chunk of message. Args: data (byte string/byte array/memoryview): The next chunk of data Nz4update() cannot be called after digest() or verify()r) r$r%r'r5rr#r2minr1 memoryview_update)r7r9rfillerremains rr6z CMAC.updateosL = $T-F $RSS S 3s88#   =1  dm+SXX66F>A'6'lDK dmF&:: ; MMV #MM}r!! S//&''*C LL % % %DMSB A:: LLXvgX ' ' '#&wxx=DK LL     rcR|j}t||zdksJt|dkrdS|j|}t||kr|j}n|| dz| }|| d|_t ||| d|_dS)z,Update a block aligned to the block boundaryrN)r#rr/r+r3rr4)r7 data_blockrct second_lasts rrEz CMAC._updates :#q(((( z??a   F Y  z * * z??b -KKbSUB3Y-KB344 {Jstt,<== rc,|t}|j|_|jj|j|jj|jfi|j |_ |j dd|_ |jdd|_|S)a+Return a copy ("clone") of the CMAC object. The copy will have the same internal state as the original CMAC object. This can be used to efficiently compute the MAC tag of byte strings that share a common initial substring. :return: An :class:`CMAC` N) __new__r__dict__copyr r(rr.r3r!r/r1)r7objs rrPz CMAC.copysll4  }))++ $4=$TY%)]%;%)]<<(,':<<[^ }QQQ'  rc|j}|j|js|jS|j|jkrt d|jdkr&|jdkrt|j|j }nT|j dd}dd||jz dz zz||jd<tt|j ||j }|j |d|j|_|jS)zReturn the **binary** (non-printable) MAC tag of the message that has been authenticated so far. :return: The MAC tag, computed over the data processed so far. Binary form. :rtype: byte string NzMAC is unsafe for this messagerrr )r#r$r%r5r& ValueErrorr2rr4r,r1r3r-r*r+r)r7rptpartials rdigestz CMAC.digests  = $T-F $= ?T^ + +=>> > =A  $/A"5"5 tx00BBk!!!nG&-2 ;MPQ;Q0R&RGDMNN #t}g66AAB ))"--.?t/?.?@ }rc~ddt|DS)Return the **printable** MAC tag of the message authenticated so far. :return: The MAC tag, computed over the data processed so far. Hexadecimal encoded. :rtype: string c2g|]}dt|zS)z%02x)r).0xs r z"CMAC.hexdigest..s3777a(777r)jointuplerW)r7s r hexdigestzCMAC.hexdigestsFww77!&t{{}}!5!577788 8rctd}tjd||}tjd||}||krt ddS)agVerify that a given **binary** MAC (computed by another party) is valid. Args: mac_tag (byte string/byte array/memoryview): the expected MAC of the message. Raises: ValueError: if the MAC does not match. It means that the message has been tampered with or that the MAC key is incorrect. r) digest_bitsr8datazMAC check failedN)r rr(rWrT)r7mac_tagsecretmac1mac2s rverifyz CMAC.verifysw""%%{sWEEE{sT[[]]KKK ;;==DKKMM ) )/00 0 * )rcd|tt|dS)rYN)rjrr )r7 hex_mac_tags r hexverifyzCMAC.hexverifys, Igk223344444r) __name__ __module__ __qualname____doc__rrAr6rErPrWrarjrmrrrr)sK:::x   D>>>"*< 8 8 8111(55555rrFc|td|int|}||j}|dkrtd||jkrtd|jzt ||||||S)a Create a new MAC object. Args: key (byte string/byte array/memoryview): key for the CMAC object. The key must be valid for the underlying cipher algorithm. For instance, it must be 16 bytes long for AES-128. ciphermod (module): A cipher module from :mod:`Crypto.Cipher`. The cipher's block size has to be 128 bits, like :mod:`Crypto.Cipher.AES`, to reduce the probability of collisions. msg (byte string/byte array/memoryview): Optional. The very first chunk of the message to authenticate. It is equivalent to an early call to `CMAC.update`. Optional. cipher_params (dict): Optional. A set of parameters to use when instantiating a cipher object. mac_len (integer): Length of the MAC, in bytes. It must be at least 4 bytes long. The default (and recommended) length matches the size of a cipher block. update_after_digest (boolean): Optional. By default, a hash object cannot be updated anymore after the digest is computed. When this flag is ``True``, such check is no longer enforced. Returns: A :class:`CMAC` object Nz%ciphermod must be specified (try AES)z,MAC tag length must be at least 4 bytes longz>MAC tag length cannot be larger than a cipher block (%d) bytes)r'dictr"rTr)r8r9r:r;r<r=s rr(r(s@?@@@'/BBT-5H5HM&{{GHHH%%%Y\e\ppqqq S)]G# % %%r)r)NNNNF)binasciir Crypto.HashrCrypto.Util.strxorrCrypto.Util.numberrrCrypto.Util.py3compatrr r Crypto.Randomr rrobjectrr(rrrrr}s.%%%%%%;;;;;;;;<<<<<<<<<<****** 2222 S5S5S5S5S56S5S5S5lDH!/%/%/%/%/%/%r