MCPcopy
hub / github.com/pyca/cryptography / _decrypt_data

Method _decrypt_data

src/cryptography/fernet.py:135–168  ·  src/cryptography/fernet.py::Fernet._decrypt_data
(
        self,
        data: bytes,
        timestamp: int,
        time_info: tuple[int, int] | None,
    )

Source from the content-addressed store, hash-verified

133 raise InvalidToken
134
135 def _decrypt_data(
136 self,
137 data: bytes,
138 timestamp: int,
139 time_info: tuple[int, int] | None,
140 ) -> bytes:
141 if time_info is not None:
142 ttl, current_time = time_info
143 if timestamp + ttl < current_time:
144 raise InvalidToken
145
146 if current_time + _MAX_CLOCK_SKEW < timestamp:
147 raise InvalidToken
148
149 self._verify_signature(data)
150
151 iv = data[9:25]
152 ciphertext = data[25:-32]
153 decryptor = Cipher(
154 algorithms.AES(self._encryption_key), modes.CBC(iv)
155 ).decryptor()
156 plaintext_padded = decryptor.update(ciphertext)
157 try:
158 plaintext_padded += decryptor.finalize()
159 except ValueError:
160 raise InvalidToken
161 unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
162
163 unpadded = unpadder.update(plaintext_padded)
164 try:
165 unpadded += unpadder.finalize()
166 except ValueError:
167 raise InvalidToken
168 return unpadded
169
170
171class MultiFernet:

Callers 3

decryptMethod · 0.95
decrypt_at_timeMethod · 0.95
rotateMethod · 0.80

Calls 6

_verify_signatureMethod · 0.95
CipherClass · 0.90
decryptorMethod · 0.80
updateMethod · 0.45
finalizeMethod · 0.45
unpadderMethod · 0.45

Tested by

no test coverage detected