ɯei*ddlmZddlZddlZddlZddlZddlmZddlm Z m Z ddl m Z ddl mZmZmZddlmZmZmZdd lmZmZmZmZdd lmZdd lmZeej>j@d z Z e rdd l!m"Z"ee#Z$ddZ%GddZ&y)) annotationsN) getLogger)IO TYPE_CHECKING)default_backend)Cipher algorithmsmodes) PKCS5_OFFSET PKCS5_PAD PKCS5_UNPAD)UTF8EncryptionMetadataMaterialDescriptorkilobyte)owner_rw_opener) random_string)SnowflakeFileEncryptionMaterialc ttj|jt|jt|j ddS)z.Convert Material Descriptor to Unicode String.)queryIdsmkIdkeySize),:) separators)strjsondumpsquery_idsmk_idkey_size)matdescs e/var/www/html/glpi_dashboard/venv/lib/python3.12/site-packages/snowflake/connector/encryption_util.pymatdesc_to_unicoder&sH  "++W^^,w//0  "    ceZdZed dZedezf d dZedezdf d dZedezf d dZedezddf d dZ y)SnowflakeEncryptionUtilc,tj|S)N)osurandom) byte_lengths r%get_secure_randomz)SnowflakeEncryptionUtil.get_secure_random*szz+&&r'@c tt}tj|j}t |}|j d|tjt}tj|}t} ttj|tj|| } | j!} d} |j#|} t | dk(rnHt | tzdk7rt%| t} d} |j'| j)| h| sG|j'| j)tt+tj-t.z|j'| j1ttj|tj2| } | j!} | j)t%|t| j1z}t5|j6|j8|dz}t;tj<|j?dtj<|j?dtA| }|S) aReads content from src and write the encrypted content into out. This function is sensitive to current position of src and out. It does not seek to position 0 in neither stream objects before or after the encryption. Args: encryption_material: The encryption material for file. src: The input stream. out: The output stream. chunk_size: The size of read chunks (Default value = block_size * 4 * 1024 Returns: The encryption metadata. z key_size = %sbackendFTrr)r"r!r#zutf-8)keyivr$)!r__name__base64standard_b64decodequery_stage_master_keylendebugr)r. block_sizerrr AESr CBC encryptorreadr writeupdatechrencoderfinalizeECBrr"r!r b64encodedecoder&)encryption_materialsrcout chunk_sizelogger decoded_keyr#iv_datafile_keyr2cipherr>paddedchunkenc_kekmat_descmetadatas r%encrypt_streamz&SnowflakeEncryptionUtil.encrypt_stream.s*8$//  6 6 {# _h/*;;JG*<     +t $ >40 G2AA'*   )))     )))s$+B;B/B;/B8 4B;;Cc|j}|j}tj|j}tj|}tj|} t } t tj|tj| } | j} t| j|| jz} t tj| tj| | } | j} d}|j!|}t#|dk7rF||j%|| j|}|}|j!|}t#|dk7rF| t'|}|j%|d| |j%| jy)z7To read from `src` stream then decrypt to `out` stream.r1Nr)r3r4r6r7r8rrr r<r rE decryptorrrArDr=r?r9r@r )rUrHrIrJrK key_base64 iv_base64rM key_bytesiv_bytesr2rPrlrOlast_decrypted_chunkrRdoffsets r%decrypt_streamz&SnowflakeEncryptionUtil.decrypt_streamsv\\ KK //  6 6 --j9 ,,Y7!# {3UYY['R$$& y// :Y=O=O=QQR x0%))H2EwW$$& #$%jAo#/ ./  'A#$ HHZ(E %jAo +!"67F II*8VG4 5 )$$&'r'Fc tjj|dt}|r tjj ||}t j d|||rdnt}t|d5}t|d|5} tj|||| |dddddd|S#1swYxYw#1swY|SxYw)aDecrypts a file and stores the output in the temporary directory. Args: metadata: The file's metadata input. encryption_material: The file's encryption material. in_filename: The name of the input file. chunk_size: The size of read chunks (Default value = block_size * 4 * 1024). tmp_dir: Temporary directory to use, optional (Default value = None). Returns: The decrypted file's location. rXz encrypted file: %s, tmp file: %sNr\r])opener) r+r`rarjoinrLr:rrbr)rt) rUrHrdrKreunsafe_file_writerg file_openerrhris r% decrypt_filez$SnowflakeEncryptionUtil.decrypt_files*!gg..{;rso" $8LL88MM&$ **Q. / ? 8  s s r'