
    uhk                     d    d dgZ ddlmZ ddlmZmZ ddlmZmZm	Z	 ddl
mZ  G d d      Zdd
Zy	)newPKCS115_Cipher    )Random)bytes_to_longlong_to_bytes)bordis_bytes_copy_bytes   )pkcs1_decodec                   0    e Zd ZdZd Zd Zd Zd ZddZy)	r   zThis cipher can perform PKCS#1 v1.5 RSA encryption or decryption.
    Do not instantiate directly. Use :func:`Crypto.Cipher.PKCS1_v1_5.new` instead.c                      || _         || _        y)aJ  Initialize this PKCS#1 v1.5 cipher object.

        :Parameters:
         key : an RSA key object
          If a private half is given, both encryption and decryption are possible.
          If a public half is given, only encryption is possible.
         randfunc : callable
          Function that returns random bytes.
        N)_key	_randfunc)selfkeyrandfuncs      N/home/hoppernj/.local/lib/python3.12/site-packages/Crypto/Cipher/PKCS1_v1_5.py__init__zPKCS115_Cipher.__init__#   s     	!    c                 6    | j                   j                         S )z=Return True if this cipher object can be used for encryption.)r   can_encryptr   s    r   r   zPKCS115_Cipher.can_encrypt1       yy$$&&r   c                 6    | j                   j                         S )z=Return True if this cipher object can be used for decryption.)r   can_decryptr   s    r   r   zPKCS115_Cipher.can_decrypt5   r   r   c                    | j                   j                         }t        |      }||dz
  kD  rt        d      g }t        |      ||z
  dz
  k7  rI| j	                  d      }t        |d         dk(  r7|j                  |       t        |      ||z
  dz
  k7  rIdj                  |      }d|z   dz   t        d	d	|      z   }t        |      }| j                   j                  |      }t        ||      }	|	S )
a  Produce the PKCS#1 v1.5 encryption of a message.

        This function is named ``RSAES-PKCS1-V1_5-ENCRYPT``, and it is specified in
        `section 7.2.1 of RFC8017
        <https://tools.ietf.org/html/rfc8017#page-28>`_.

        :param message:
            The message to encrypt, also known as plaintext. It can be of
            variable length, but not longer than the RSA modulus (in bytes) minus 11.
        :type message: bytes/bytearray/memoryview

        :Returns: A byte string, the ciphertext in which the message is encrypted.
            It is as long as the RSA modulus (in bytes).

        :Raises ValueError:
            If the RSA key length is not sufficiently long to deal with the given
            message.
           zPlaintext is too long.   r   r   r   s        N)r   size_in_byteslen
ValueErrorr   r   appendjoinr
   r   _encryptr   )
r   messagekmLenpsnew_byteemem_intm_intcs
             r   encryptzPKCS115_Cipher.encrypt9   s    * II##%7| !b&=566"gTA%~~a(HHQK D(IIh	 "gTA%
 XXb\2'+dD'*JJr"		""6*%#r   c                 n   | j                   j                         }t        |      |k7  rt        d|z        t	        |      }| j                   j                  |      }t        t        |            }t        |      rt        |      |kD  rt        |d||      }|dk  r|S ||d S t        ||||      }||d S )a  Decrypt a PKCS#1 v1.5 ciphertext.

        This is the function ``RSAES-PKCS1-V1_5-DECRYPT`` specified in
        `section 7.2.2 of RFC8017
        <https://tools.ietf.org/html/rfc8017#page-29>`_.

        Args:
          ciphertext (bytes/bytearray/memoryview):
            The ciphertext that contains the message to recover.
          sentinel (any type):
            The object to return whenever an error is detected.
          expected_pt_len (integer):
            The length the plaintext is known to have, or 0 if unknown.

        Returns (byte string):
            It is either the original message or the ``sentinel`` (in case of an error).

        .. warning::
            PKCS#1 v1.5 decryption is intrinsically vulnerable to timing
            attacks (see `Bleichenbacher's`__ attack).
            **Use PKCS#1 OAEP instead**.

            This implementation attempts to mitigate the risk
            with some constant-time constructs.
            However, they are not sufficient by themselves: the type of protocol you
            implement and the way you handle errors make a big difference.

            Specifically, you should make it very hard for the (malicious)
            party that submitted the ciphertext to quickly understand if decryption
            succeeded or not.

            To this end, it is recommended that your protocol only encrypts
            plaintexts of fixed length (``expected_pt_len``),
            that ``sentinel`` is a random byte string of the same length,
            and that processing continues for as long
            as possible even if ``sentinel`` is returned (i.e. in case of
            incorrect decryption).

            .. __: https://dx.doi.org/10.1007/BFb0055716
        z/Ciphertext with incorrect length (not %d bytes)r   r   N)
r   r!   r"   r#   r   _decrypt_to_bytesbytes	bytearrayr	   r   )	r   
ciphertextsentinelexpected_pt_lenr(   ct_intr,   outputsizes	            r   decryptzPKCS115_Cipher.decryptf   s    V II##% z?aNQRRSS z* YY((0 y|$!S]Q%6C&ADaxde}$ B/6Bde}r   N)r   )	__name__
__module____qualname____doc__r   r   r   r0   r;    r   r   r   r      s#    V"''+ZBr   Nc                 >    |t         j                  }t        | |      S )a  Create a cipher for performing PKCS#1 v1.5 encryption or decryption.

    :param key:
      The key to use to encrypt or decrypt the message. This is a `Crypto.PublicKey.RSA` object.
      Decryption is only possible if *key* is a private RSA key.
    :type key: RSA key object

    :param randfunc:
      Function that return random bytes.
      The default is :func:`Crypto.Random.get_random_bytes`.
    :type randfunc: callable

    :returns: A cipher object `PKCS115_Cipher`.
    )r   get_random_bytesr   )r   r   s     r   r   r      s"      **#x((r   )N)__all__Cryptor   Crypto.Util.numberr   r   Crypto.Util.py3compatr   r	   r
   _pkcs1_oaep_decoder   r   r   r@   r   r   <module>rH      s3   . "
#  ; = = ,I IX)r   