240241002/ai_v
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67f2621a69
ai_v/venv/Lib/site-packages/Cryptodome/Cipher/_mode_kwp.py
公司git 67f2621a69 feat(payment): 集成支付宝支付与订单管理功能 
- 在应用中注册支付蓝图(payment_bp)以支持支付接口
- 配置支付宝相关秘钥、回调地址及环境选项
- 新增订单模型(Order),支持订单数据存储与管理
- 管理后台接口添加订单列表查询功能,支持超级管理员访问
- 购买页面与表单修改,支持不同套餐的购买提交
- 支付成功页面提示,显示订单编号及积分到账信息
- 移除买积分按钮禁用逻辑,开放购买功能
2026-01-14 17:00:43 +08:00

136 lines
3.8 KiB
Python
Raw Blame History

import struct
from types import ModuleType
from typing import Union
from ._mode_kw import W, W_inverse
class KWPMode(object):
"""Key Wrap with Padding (KWP) mode.
This is a deterministic Authenticated Encryption (AE) mode
for protecting cryptographic keys. See `NIST SP800-38F`_.
It provides both confidentiality and authenticity, and it designed
so that any bit of the ciphertext depends on all bits of the plaintext.
This mode is only available for ciphers that operate on 128 bits blocks
(e.g., AES).
.. _`NIST SP800-38F`: http://csrc.nist.gov/publications/nistpubs/800-38F/SP-800-38F.pdf
:undocumented: __init__
"""
def __init__(self,
factory: ModuleType,
key: Union[bytes, bytearray]):
self.block_size = factory.block_size
if self.block_size != 16:
raise ValueError("Key Wrap with Padding mode is only available for ciphers"
" that operate on 128 bits blocks")
self._factory = factory
self._cipher = factory.new(key, factory.MODE_ECB)
self._done = False
def seal(self, plaintext: Union[bytes, bytearray]) -> bytes:
"""Encrypt and authenticate (wrap) a cryptographic key.
Args:
plaintext:
The cryptographic key to wrap.
Returns:
The wrapped key.
"""
if self._done:
raise ValueError("The cipher cannot be used more than once")
if len(plaintext) == 0:
raise ValueError("The plaintext must be at least 1 byte")
if len(plaintext) >= 2 ** 32:
raise ValueError("The plaintext is too long")
padlen = (8 - len(plaintext)) % 8
padded = plaintext + b'\x00' * padlen
AIV = b'\xA6\x59\x59\xA6' + struct.pack('>I', len(plaintext))
if len(padded) == 8:
res = self._cipher.encrypt(AIV + padded)
else:
res = W(self._cipher, AIV + padded)
return res
def unseal(self, ciphertext: Union[bytes, bytearray]) -> bytes:
"""Decrypt and authenticate (unwrap) a cryptographic key.
Args:
ciphertext:
The cryptographic key to unwrap.
It must be at least 16 bytes long, and its length
must be a multiple of 8.
Returns:
The original key.
Raises: ValueError
If the ciphertext or the key are not valid.
"""
if self._done:
raise ValueError("The cipher cannot be used more than once")
if len(ciphertext) % 8:
raise ValueError("The ciphertext must have length multiple of 8 bytes")
if len(ciphertext) < 16:
raise ValueError("The ciphertext must be at least 24 bytes long")
if len(ciphertext) == 16:
S = self._cipher.decrypt(ciphertext)
else:
S = W_inverse(self._cipher, ciphertext)
if S[:4] != b'\xA6\x59\x59\xA6':
raise ValueError("Incorrect decryption")
Plen = struct.unpack('>I', S[4:8])[0]
padlen = len(S) - 8 - Plen
if padlen < 0 or padlen > 7:
raise ValueError("Incorrect decryption")
if S[len(S) - padlen:] != b'\x00' * padlen:
raise ValueError("Incorrect decryption")
return S[8:len(S) - padlen]
def _create_kwp_cipher(factory: ModuleType,
**kwargs: Union[bytes, bytearray]) -> KWPMode:
"""Create a new block cipher in Key Wrap with Padding mode.
Args:
factory:
A block cipher module, taken from `Cryptodome.Cipher`.
The cipher must have block length of 16 bytes, such as AES.
Keywords:
key:
The secret key to use to seal or unseal.
"""
try:
key = kwargs["key"]
except KeyError as e:
raise TypeError("Missing parameter:" + str(e))
return KWPMode(factory, key)
Reference in New Issue View Git Blame Copy Permalink