Scripts and Smart Contract

README.md

+# Setup
+
+1. Install [Docker Desktop](https://www.docker.com/products/docker-desktop)
+2. Install [Algorand sandbox](https://github.com/algorand/sandbox)
+3. Add this project folder as bind volume in sandbox `docker-compose.yml` under key `services.algod`:
+    ```yml
+    volumes:
+      - type: bind
+        source: <path>
+        target: /data
+    ```
+4. Start sandbox:
+    ```txt
+    $ ./sandbox up
+    ```
+5. Install Python virtual environment in project folder:
+    ```txt
+    $ python -m venv venv
+    $ source ./venv/Scripts/activate # Windows
+    $ source ./venv/bin/activate # Linux
+    ```
+6. Use Python interpreter: `./venv/Scripts/python.exe`
+    VSCode: `Python: Select Interpreter`
+
+# Scripts
+
+`call.sh`
+`grouped_txn.sh`
+`parallel_calls.sh`
+`vars.sh`
\ No newline at end of file

build.sh

+#!/usr/bin/env bash
+
+mkdir -p ./build/
+# clean
+rm -f ./build/*.teal
+
+set -e # die on error
+
+python ./compile.py "$1" ./build/approval.teal ./build/clear.teal

build/approval.teal

+#pragma version 5
+txn ApplicationID
+int 0
+==
+bnz main_l17
+txn OnCompletion
+int DeleteApplication
+==
+bnz main_l16
+txn OnCompletion
+int UpdateApplication
+==
+bnz main_l15
+txn OnCompletion
+int OptIn
+==
+bnz main_l14
+txn OnCompletion
+int CloseOut
+==
+bnz main_l13
+txn OnCompletion
+int NoOp
+==
+bnz main_l7
+err
+main_l7:
+txna ApplicationArgs 0
+byte "run"
+==
+bnz main_l9
+err
+main_l9:
+byte "count"
+txna ApplicationArgs 1
+btoi
+app_global_put
+int 0
+store 0
+main_l10:
+load 0
+byte "count"
+app_global_get
+<
+bnz main_l12
+int 1
+return
+main_l12:
+byte "counter"
+byte "counter"
+app_global_get
+int 1
++
+app_global_put
+load 0
+int 1
++
+store 0
+b main_l10
+main_l13:
+int 0
+return
+main_l14:
+int 0
+return
+main_l15:
+int 0
+return
+main_l16:
+int 0
+return
+main_l17:
+byte "counter"
+int 0
+app_global_put
+int 1
+return
\ No newline at end of file

build/clear.teal

+#pragma version 5
+int 1
+return
\ No newline at end of file

compile.py

+import importlib
+import sys
+
+from pyteal_helpers import program
+
+if __name__ == "__main__":
+    mod = sys.argv[1]
+
+    try:
+        approval_out = sys.argv[2]
+    except IndexError:
+        approval_out = None
+
+    try:
+        clear_out = sys.argv[3]
+    except IndexError:
+        clear_out = None
+
+    contract = importlib.import_module(mod)
+
+    if approval_out is None:
+        print(program.application(contract.approval()))
+    else:
+        with open(approval_out, "w") as h:
+            h.write(program.application(contract.approval()))
+
+    if clear_out is not None:
+        with open(clear_out, "w") as h:
+            h.write(program.application(contract.clear()))

contracts/counter/step_01.py

+from pyteal import *
+# from pyteal.ast.bytes import Bytes
+from pyteal_helpers import program
+
+
+# def approval():
+#     # globals
+#     global_owner = Bytes("owner")  # byteslice
+#     global_counter = Bytes("counter")  # uint64
+
+#     op_increment = Bytes("inc")
+#     op_decrement = Bytes("dec")
+
+#     increment = Seq(
+#         [
+#             App.globalPut(global_counter, App.globalGet(global_counter) + Int(1)),
+#             Approve(),
+#         ]
+#     )
+
+#     decrement = Seq(
+#         [
+#             App.globalPut(global_counter, App.globalGet(global_counter) - Int(1)),
+#             Approve(),
+#         ]
+#     )
+
+#     return program.event(
+#         init=Seq(
+#             [
+#                 App.globalPut(global_owner, Txn.sender()),
+#                 App.globalPut(global_counter, Int(0)),
+#                 Approve(),
+#             ]
+#         ),
+#         no_op=Cond(
+#             [Txn.application_args[0] == op_increment, increment],
+#             [Txn.application_args[0] == op_decrement, decrement],
+#         ),
+#     )
+
+UINT64_MAX = 0xffffffffffffffff
+
+def approval():
+    global_counter = Bytes("counter")
+    global_owner = Bytes("owner")
+    op_increment = Bytes("inc")
+    op_decrement = Bytes("dec")
+    
+    scratch_counter = ScratchVar(TealType.uint64)
+
+    increment = Seq(
+        scratch_counter.store(App.globalGet(global_counter)),
+        If(
+            scratch_counter.load() < Int(UINT64_MAX)
+        ).Then(
+            App.globalPut(global_counter, scratch_counter.load() + Int(1)),
+        ),
+        Approve()
+    )
+    
+    decrement = Seq(
+        scratch_counter.store(App.globalGet(global_counter)),
+        If(
+            scratch_counter.load() > Int(0)
+        ).Then(
+            App.globalPut(global_counter, scratch_counter.load() - Int(1)),
+        ),
+        Approve()
+    )
+    return program.event(
+        init=Seq(
+            App.globalPut(global_counter,Int(0)),
+            App.globalPut(global_owner,Txn.sender()),
+            Approve(),
+        ),
+        no_op=Cond(
+            [Txn.application_args[0] == op_increment, increment],
+            [Txn.application_args[0] == op_decrement, decrement],
+        ),
+    )
+
+def clear():
+    return Approve()

contracts/counter/step_02.py

+from pyteal import *
+from pyteal.ast.bytes import Bytes
+from pyteal_helpers import program
+
+UINT64_MAX = 0xFFFFFFFFFFFFFFFF
+
+
+def approval():
+    # globals
+    global_owner = Bytes("owner")  # byteslice
+    global_counter = Bytes("counter")  # uint64
+
+    op_increment = Bytes("inc")
+    op_decrement = Bytes("dec")
+
+    scratch_counter = ScratchVar(TealType.uint64)
+
+    increment = Seq(
+        [
+            scratch_counter.store(App.globalGet(global_counter)),
+            # check overflow
+            If(
+                scratch_counter.load() < Int(UINT64_MAX),
+                App.globalPut(global_counter, scratch_counter.load() + Int(1)),
+            ),
+            Approve(),
+        ]
+    )
+
+    decrement = Seq(
+        [
+            scratch_counter.store(App.globalGet(global_counter)),
+            # check underflow
+            If(
+                scratch_counter.load() > Int(0),
+                App.globalPut(global_counter, scratch_counter.load() - Int(1)),
+            ),
+            Approve(),
+        ]
+    )
+
+    return program.event(
+        init=Seq(
+            [
+                App.globalPut(global_owner, Txn.sender()),
+                App.globalPut(global_counter, Int(0)),
+                Approve(),
+            ]
+        ),
+        no_op=Cond(
+            [Txn.application_args[0] == op_increment, increment],
+            [Txn.application_args[0] == op_decrement, decrement],
+        ),
+    )
+
+
+def clear():
+    return Approve()

contracts/test/call.sh

+#!/usr/bin/env bash
+
+source "$(dirname ${BASH_SOURCE[0]})/vars.sh"
+
+goal app create \
+    --creator $ONE \
+    --approval-prog /data/build/approval.teal \
+    --clear-prog /data/build/clear.teal \
+    --global-byteslices 2 \
+    --global-ints 2 \
+    --local-byteslices 2 \
+    --local-ints  2
\ No newline at end of file

contracts/test/grouped_txn.sh

+#!/usr/bin/env bash
+
+source "$(dirname ${BASH_SOURCE[0]})/vars.sh"
+
+goal app call \
+    --app-id 1 \
+    -f "$ONE" \
+    --app-arg "str:run" \
+    --app-arg "int:$ITR" \
+    -o call-main.tx
+
+
+for (( i=1 ; i<$NTXN ; i++ ));
+do
+    goal app call \
+        --app-id 1 \
+        -f "$ONE" \
+        --app-arg "str:run" \
+        --app-arg "int:0" \
+        -o call-"$i".tx
+    
+    echo "Txn ${i} added"
+    cat call-"$i".tx >> call-main.tx
+
+done
+
+
+goal clerk group -i call-main.tx -o grouped.tx
+goal clerk split -i grouped.tx -o split.tx
+
+for (( i=0 ; i<$NTXN ; i++ ));
+do 
+    echo $i
+    goal clerk sign -i split-"$i".tx -o signed-"$i".tx
+done
+    
+for (( i=1 ; i<$NTXN ; i++ ));
+do
+    cat signed-"$i".tx >> signed-0.tx
+done
+
+goal clerk rawsend -f signed-0.tx
\ No newline at end of file

contracts/test/parallel_calls.sh

+#!/usr/bin/env bash
+
+source "$(dirname ${BASH_SOURCE[0]})/vars.sh"
+
+for (( i=1 ; i< $1; i++ ));
+do
+    goal app call --app-id 1 -f $ONE --app-arg "str:run" --app-arg "int:41" &
+done

contracts/test/step_01.py

+from tkinter import W
+from pyteal import *
+# from pyteal.ast.bytes import Bytes
+from pyteal_helpers import program
+
+def approval():
+
+    global_counter = Bytes("counter")  #uint64
+    global_count = Bytes("count")    #uint64
+
+    op_run = Bytes("run")
+    
+    i = ScratchVar(TealType.uint64)
+
+    run = Seq(
+        App.globalPut(global_count,Btoi(Txn.application_args[1])),
+        For( i.store(Int(0)), i.load() < App.globalGet(global_count), i.store(i.load()+Int(1)) ).Do(
+            App.globalPut(global_counter, App.globalGet(global_counter) + Int(1))
+        ),
+        Approve()
+    )
+
+    return program.event(
+        init=Seq(
+            App.globalPut(global_counter,Int(0)),
+            Approve(),
+        ),
+        no_op=Cond(
+            [Txn.application_args[0] == op_run, run]
+        ),
+    )
+
+def clear():
+    return Approve()

contracts/test/step_02.py

+from pyteal import *
+from pyteal.ast.bytes import Bytes
+from pyteal_helpers import program
+
+UINT64_MAX = 0xFFFFFFFFFFFFFFFF
+
+
+def approval():
+    # globals
+    global_owner = Bytes("owner")  # byteslice
+    global_counter = Bytes("counter")  # uint64
+
+    op_increment = Bytes("inc")
+    op_decrement = Bytes("dec")
+
+    scratch_counter = ScratchVar(TealType.uint64)
+
+    increment = Seq(
+        [
+            scratch_counter.store(App.globalGet(global_counter)),
+            # check overflow
+            If(
+                scratch_counter.load() < Int(UINT64_MAX),
+                App.globalPut(global_counter, scratch_counter.load() + Int(1)),
+            ),
+            Approve(),
+        ]
+    )
+
+    decrement = Seq(
+        [
+            scratch_counter.store(App.globalGet(global_counter)),
+            # check underflow
+            If(
+                scratch_counter.load() > Int(0),
+                App.globalPut(global_counter, scratch_counter.load() - Int(1)),
+            ),
+            Approve(),
+        ]
+    )
+
+    return program.event(
+        init=Seq(
+            [
+                App.globalPut(global_owner, Txn.sender()),
+                App.globalPut(global_counter, Int(0)),
+                Approve(),
+            ]
+        ),
+        no_op=Cond(
+            [Txn.application_args[0] == op_increment, increment],
+            [Txn.application_args[0] == op_decrement, decrement],
+        ),
+    )
+
+
+def clear():
+    return Approve()

contracts/test/vars.sh

+#!/usr/bin/env bash
+
+ONE=ERT6UZ2BN6Z2P3UN7PQ3BZ6QMIGTXLDOJILNSVUQ7TDHOV7GM33WPV3LFE
+ITR=41
+NTXN=16

create_signature.py

+import importlib
+import sys
+
+from pyteal_helpers import program
+from pyteal_helpers import utils
+
+if __name__ == "__main__":
+    module = sys.argv[1]
+
+    outfile = sys.argv[2]
+
+    contract = importlib.import_module(module)
+
+    contract_args = sys.argv[3:]
+
+    pyteal = contract.create(contract_args)
+
+    algod_client = utils.get_algod_client()
+
+    sig = program.signature(algod_client, pyteal)
+
+    print(f"Logic Signature Address: {sig.address}")
+
+    with open(outfile, "w") as h:
+        h.write(sig.teal)

pyteal_helpers/hash.py

+import base64
+import hashlib
+import sys
+
+def sha256b64(s: str) -> str:
+    return base64.b64encode(hashlib.sha256(str(s).encode("utf-8")).digest()).decode("utf-8")
+
+if __name__ == "__main__":
+    s = sys.argv[1]
+
+    print(s)
+    print(sha256b64(s))

pyteal_helpers/program.py

+from base64 import b64decode
+from dataclasses import dataclass
+from typing import Dict
+
+from algosdk.v2client.algod import AlgodClient
+from pyteal import *
+from pyteal.ast import *
+
+
+def event(
+    init: Expr = Reject(),
+    delete: Expr = Reject(),
+    update: Expr = Reject(),
+    opt_in: Expr = Reject(),
+    close_out: Expr = Reject(),
+    no_op: Expr = Reject(),
+) -> Expr:
+    return Cond(
+        [Txn.application_id() == Int(0), init],
+        [Txn.on_completion() == OnComplete.DeleteApplication, delete],
+        [Txn.on_completion() == OnComplete.UpdateApplication, update],
+        [Txn.on_completion() == OnComplete.OptIn, opt_in],
+        [Txn.on_completion() == OnComplete.CloseOut, close_out],
+        [Txn.on_completion() == OnComplete.NoOp, no_op],
+    )
+
+
+def check_rekey_zero(
+    num_transactions: int,
+):
+    return Assert(
+        And(
+            *[
+                Gtxn[i].rekey_to() == Global.zero_address()
+                for i in range(num_transactions)
+            ]
+        )
+    )
+
+
+def check_self(
+    group_size: Expr = Int(1),
+    group_index: Expr = Int(0),
+):
+    return Assert(
+        And(
+            Global.group_size() == group_size,
+            Txn.group_index() == group_index,
+        )
+    )
+
+
+def application(pyteal: Expr) -> str:
+    return compileTeal(pyteal, mode=Mode.Application, version=MAX_TEAL_VERSION)
+
+
+@dataclass
+class CompiledSignature:
+    address: str
+    bytecode_b64: str
+    teal: str
+
+
+def signature(algod_client: AlgodClient, pyteal: Expr) -> CompiledSignature:
+    teal = compileTeal(pyteal, mode=Mode.Signature, version=MAX_TEAL_VERSION)
+    compilation_result = algod_client.compile(teal)
+    return CompiledSignature(
+        address=compilation_result["hash"],
+        bytecode_b64=compilation_result["result"],
+        teal=teal,
+    )

pyteal_helpers/utils.py

+from algosdk import account
+from algosdk.future import transaction
+from algosdk.kmd import KMDClient
+from algosdk.v2client.algod import AlgodClient
+
+MICRO_ALGO = 1
+ALGO = MICRO_ALGO * (10 ** 6)
+
+
+def get_kmd_client(address="http://localhost:4002", token="a" * 64) -> KMDClient:
+    return KMDClient(token, address)
+
+
+def get_keys_from_wallet(
+    kmd_client: KMDClient, wallet_name="unencrypted-default-wallet", wallet_password=""
+) -> list[str] | None:
+    wallets = kmd_client.list_wallets()
+
+    handle = None
+    for wallet in wallets:
+        if wallet["name"] == wallet_name:
+            handle = kmd_client.init_wallet_handle(wallet["id"], wallet_password)
+            break
+
+    if handle is None:
+        raise Exception("Could not find wallet")
+
+    private_keys = None
+    try:
+        addresses = kmd_client.list_keys(handle)
+        private_keys = [
+            kmd_client.export_key(handle, wallet_password, address)
+            for address in addresses
+        ]
+    finally:
+        kmd_client.release_wallet_handle(handle)
+
+    return private_keys
+
+
+def get_algod_client(address="http://localhost:4001", token="a" * 64):
+    return AlgodClient(token, address)
+
+
+def generate_account():
+    (private_key, _) = account.generate_account()
+    return private_key
+
+
+def make_atomic(
+    signing_keys=[], transactions=[]
+) -> list[transaction.SignedTransaction]:
+    return [
+        tx.sign(key)
+        for key, tx in zip(
+            signing_keys, transaction.assign_group_id(transactions), strict=True
+        )
+    ]

requirements.txt

+atomicwrites==1.4.0
+attrs==21.2.0
+black==21.11b1
+cffi==1.15.0
+click==8.0.3
+colorama==0.4.4
+iniconfig==1.1.1
+msgpack==1.0.3
+mypy==0.910
+mypy-extensions==0.4.3
+packaging==21.3
+pathspec==0.9.0
+platformdirs==2.4.0
+pluggy==1.0.0
+py==1.11.0
+py-algorand-sdk==1.8.0
+pycparser==2.21
+pycryptodomex==3.11.0
+PyNaCl==1.4.0
+pyparsing==3.0.6
+pyteal==0.9.1
+pytest==6.2.5
+regex==2021.11.10
+six==1.16.0
+toml==0.10.2
+tomli==1.2.2
+typing_extensions==4.0.1
\ No newline at end of file

venv/bin/Activate.ps1

+<#
+.Synopsis
+Activate a Python virtual environment for the current PowerShell session.
+
+.Description
+Pushes the python executable for a virtual environment to the front of the
+$Env:PATH environment variable and sets the prompt to signify that you are
+in a Python virtual environment. Makes use of the command line switches as
+well as the `pyvenv.cfg` file values present in the virtual environment.
+
+.Parameter VenvDir
+Path to the directory that contains the virtual environment to activate. The
+default value for this is the parent of the directory that the Activate.ps1
+script is located within.
+
+.Parameter Prompt
+The prompt prefix to display when this virtual environment is activated. By
+default, this prompt is the name of the virtual environment folder (VenvDir)
+surrounded by parentheses and followed by a single space (ie. '(.venv) ').
+
+.Example
+Activate.ps1
+Activates the Python virtual environment that contains the Activate.ps1 script.
+
+.Example
+Activate.ps1 -Verbose
+Activates the Python virtual environment that contains the Activate.ps1 script,
+and shows extra information about the activation as it executes.
+
+.Example
+Activate.ps1 -VenvDir C:\Users\MyUser\Common\.venv
+Activates the Python virtual environment located in the specified location.
+
+.Example
+Activate.ps1 -Prompt "MyPython"
+Activates the Python virtual environment that contains the Activate.ps1 script,
+and prefixes the current prompt with the specified string (surrounded in
+parentheses) while the virtual environment is active.
+
+.Notes
+On Windows, it may be required to enable this Activate.ps1 script by setting the
+execution policy for the user. You can do this by issuing the following PowerShell
+command:
+
+PS C:\> Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
+
+For more information on Execution Policies: 
+https://go.microsoft.com/fwlink/?LinkID=135170
+
+#>
+Param(
+    [Parameter(Mandatory = $false)]
+    [String]
+    $VenvDir,
+    [Parameter(Mandatory = $false)]
+    [String]
+    $Prompt
+)
+
+<# Function declarations --------------------------------------------------- #>
+
+<#
+.Synopsis
+Remove all shell session elements added by the Activate script, including the
+addition of the virtual environment's Python executable from the beginning of
+the PATH variable.
+
+.Parameter NonDestructive
+If present, do not remove this function from the global namespace for the
+session.
+
+#>
+function global:deactivate ([switch]$NonDestructive) {
+    # Revert to original values
+
+    # The prior prompt:
+    if (Test-Path -Path Function:_OLD_VIRTUAL_PROMPT) {
+        Copy-Item -Path Function:_OLD_VIRTUAL_PROMPT -Destination Function:prompt
+        Remove-Item -Path Function:_OLD_VIRTUAL_PROMPT
+    }
+
+    # The prior PYTHONHOME:
+    if (Test-Path -Path Env:_OLD_VIRTUAL_PYTHONHOME) {
+        Copy-Item -Path Env:_OLD_VIRTUAL_PYTHONHOME -Destination Env:PYTHONHOME
+        Remove-Item -Path Env:_OLD_VIRTUAL_PYTHONHOME
+    }
+
+    # The prior PATH:
+    if (Test-Path -Path Env:_OLD_VIRTUAL_PATH) {
+        Copy-Item -Path Env:_OLD_VIRTUAL_PATH -Destination Env:PATH
+        Remove-Item -Path Env:_OLD_VIRTUAL_PATH
+    }
+
+    # Just remove the VIRTUAL_ENV altogether:
+    if (Test-Path -Path Env:VIRTUAL_ENV) {
+        Remove-Item -Path env:VIRTUAL_ENV
+    }
+
+    # Just remove the _PYTHON_VENV_PROMPT_PREFIX altogether:
+    if (Get-Variable -Name "_PYTHON_VENV_PROMPT_PREFIX" -ErrorAction SilentlyContinue) {
+        Remove-Variable -Name _PYTHON_VENV_PROMPT_PREFIX -Scope Global -Force
+    }
+
+    # Leave deactivate function in the global namespace if requested:
+    if (-not $NonDestructive) {
+        Remove-Item -Path function:deactivate
+    }
+}
+
+<#
+.Description
+Get-PyVenvConfig parses the values from the pyvenv.cfg file located in the
+given folder, and returns them in a map.
+
+For each line in the pyvenv.cfg file, if that line can be parsed into exactly
+two strings separated by `=` (with any amount of whitespace surrounding the =)
+then it is considered a `key = value` line. The left hand string is the key,
+the right hand is the value.
+
+If the value starts with a `'` or a `"` then the first and last character is
+stripped from the value before being captured.
+
+.Parameter ConfigDir
+Path to the directory that contains the `pyvenv.cfg` file.
+#>
+function Get-PyVenvConfig(
+    [String]
+    $ConfigDir
+) {
+    Write-Verbose "Given ConfigDir=$ConfigDir, obtain values in pyvenv.cfg"
+
+    # Ensure the file exists, and issue a warning if it doesn't (but still allow the function to continue).
+    $pyvenvConfigPath = Join-Path -Resolve -Path $ConfigDir -ChildPath 'pyvenv.cfg' -ErrorAction Continue
+
+    # An empty map will be returned if no config file is found.
+    $pyvenvConfig = @{ }
+
+    if ($pyvenvConfigPath) {
+
+        Write-Verbose "File exists, parse `key = value` lines"
+        $pyvenvConfigContent = Get-Content -Path $pyvenvConfigPath
+
+        $pyvenvConfigContent | ForEach-Object {
+            $keyval = $PSItem -split "\s*=\s*", 2
+            if ($keyval[0] -and $keyval[1]) {
+                $val = $keyval[1]
+
+                # Remove extraneous quotations around a string value.
+                if ("'""".Contains($val.Substring(0, 1))) {
+                    $val = $val.Substring(1, $val.Length - 2)
+                }
+
+                $pyvenvConfig[$keyval[0]] = $val
+                Write-Verbose "Adding Key: '$($keyval[0])'='$val'"
+            }
+        }
+    }
+    return $pyvenvConfig
+}
+
+
+<# Begin Activate script --------------------------------------------------- #>
+
+# Determine the containing directory of this script
+$VenvExecPath = Split-Path -Parent $MyInvocation.MyCommand.Definition
+$VenvExecDir = Get-Item -Path $VenvExecPath
+
+Write-Verbose "Activation script is located in path: '$VenvExecPath'"
+Write-Verbose "VenvExecDir Fullname: '$($VenvExecDir.FullName)"
+Write-Verbose "VenvExecDir Name: '$($VenvExecDir.Name)"
+
+# Set values required in priority: CmdLine, ConfigFile, Default
+# First, get the location of the virtual environment, it might not be
+# VenvExecDir if specified on the command line.
+if ($VenvDir) {
+    Write-Verbose "VenvDir given as parameter, using '$VenvDir' to determine values"
+}
+else {
+    Write-Verbose "VenvDir not given as a parameter, using parent directory name as VenvDir."
+    $VenvDir = $VenvExecDir.Parent.FullName.TrimEnd("\\/")
+    Write-Verbose "VenvDir=$VenvDir"
+}
+
+# Next, read the `pyvenv.cfg` file to determine any required value such
+# as `prompt`.
+$pyvenvCfg = Get-PyVenvConfig -ConfigDir $VenvDir
+
+# Next, set the prompt from the command line, or the config file, or
+# just use the name of the virtual environment folder.
+if ($Prompt) {
+    Write-Verbose "Prompt specified as argument, using '$Prompt'"
+}
+else {
+    Write-Verbose "Prompt not specified as argument to script, checking pyvenv.cfg value"
+    if ($pyvenvCfg -and $pyvenvCfg['prompt']) {
+        Write-Verbose "  Setting based on value in pyvenv.cfg='$($pyvenvCfg['prompt'])'"
+        $Prompt = $pyvenvCfg['prompt'];
+    }
+    else {
+        Write-Verbose "  Setting prompt based on parent's directory's name. (Is the directory name passed to venv module when creating the virutal environment)"
+        Write-Verbose "  Got leaf-name of $VenvDir='$(Split-Path -Path $venvDir -Leaf)'"
+        $Prompt = Split-Path -Path $venvDir -Leaf
+    }
+}
+
+Write-Verbose "Prompt = '$Prompt'"
+Write-Verbose "VenvDir='$VenvDir'"
+
+# Deactivate any currently active virtual environment, but leave the
+# deactivate function in place.
+deactivate -nondestructive
+
+# Now set the environment variable VIRTUAL_ENV, used by many tools to determine
+# that there is an activated venv.
+$env:VIRTUAL_ENV = $VenvDir
+
+if (-not $Env:VIRTUAL_ENV_DISABLE_PROMPT) {
+
+    Write-Verbose "Setting prompt to '$Prompt'"
+
+    # Set the prompt to include the env name
+    # Make sure _OLD_VIRTUAL_PROMPT is global
+    function global:_OLD_VIRTUAL_PROMPT { "" }
+    Copy-Item -Path function:prompt -Destination function:_OLD_VIRTUAL_PROMPT
+    New-Variable -Name _PYTHON_VENV_PROMPT_PREFIX -Description "Python virtual environment prompt prefix" -Scope Global -Option ReadOnly -Visibility Public -Value $Prompt
+
+    function global:prompt {
+        Write-Host -NoNewline -ForegroundColor Green "($_PYTHON_VENV_PROMPT_PREFIX) "
+        _OLD_VIRTUAL_PROMPT
+    }
+}
+
+# Clear PYTHONHOME
+if (Test-Path -Path Env:PYTHONHOME) {
+    Copy-Item -Path Env:PYTHONHOME -Destination Env:_OLD_VIRTUAL_PYTHONHOME
+    Remove-Item -Path Env:PYTHONHOME
+}
+
+# Add the venv to the PATH
+Copy-Item -Path Env:PATH -Destination Env:_OLD_VIRTUAL_PATH
+$Env:PATH = "$VenvExecDir$([System.IO.Path]::PathSeparator)$Env:PATH"

venv/bin/activate

+# This file must be used with "source bin/activate" *from bash*
+# you cannot run it directly
+
+deactivate () {
+    # reset old environment variables
+    if [ -n "${_OLD_VIRTUAL_PATH:-}" ] ; then
+        PATH="${_OLD_VIRTUAL_PATH:-}"
+        export PATH
+        unset _OLD_VIRTUAL_PATH
+    fi
+    if [ -n "${_OLD_VIRTUAL_PYTHONHOME:-}" ] ; then
+        PYTHONHOME="${_OLD_VIRTUAL_PYTHONHOME:-}"
+        export PYTHONHOME
+        unset _OLD_VIRTUAL_PYTHONHOME
+    fi
+
+    # This should detect bash and zsh, which have a hash command that must
+    # be called to get it to forget past commands.  Without forgetting
+    # past commands the $PATH changes we made may not be respected
+    if [ -n "${BASH:-}" -o -n "${ZSH_VERSION:-}" ] ; then
+        hash -r 2> /dev/null
+    fi
+
+    if [ -n "${_OLD_VIRTUAL_PS1:-}" ] ; then
+        PS1="${_OLD_VIRTUAL_PS1:-}"
+        export PS1
+        unset _OLD_VIRTUAL_PS1
+    fi
+
+    unset VIRTUAL_ENV
+    if [ ! "${1:-}" = "nondestructive" ] ; then
+    # Self destruct!
+        unset -f deactivate
+    fi
+}
+
+# unset irrelevant variables
+deactivate nondestructive
+
+VIRTUAL_ENV="/Users/sambitbehera/project/venv"
+export VIRTUAL_ENV
+
+_OLD_VIRTUAL_PATH="$PATH"
+PATH="$VIRTUAL_ENV/bin:$PATH"
+export PATH
+
+# unset PYTHONHOME if set
+# this will fail if PYTHONHOME is set to the empty string (which is bad anyway)
+# could use `if (set -u; : $PYTHONHOME) ;` in bash
+if [ -n "${PYTHONHOME:-}" ] ; then
+    _OLD_VIRTUAL_PYTHONHOME="${PYTHONHOME:-}"
+    unset PYTHONHOME
+fi
+
+if [ -z "${VIRTUAL_ENV_DISABLE_PROMPT:-}" ] ; then
+    _OLD_VIRTUAL_PS1="${PS1:-}"
+    PS1="(venv) ${PS1:-}"
+    export PS1
+fi
+
+# This should detect bash and zsh, which have a hash command that must
+# be called to get it to forget past commands.  Without forgetting
+# past commands the $PATH changes we made may not be respected
+if [ -n "${BASH:-}" -o -n "${ZSH_VERSION:-}" ] ; then
+    hash -r 2> /dev/null
+fi

venv/bin/activate.csh

+# This file must be used with "source bin/activate.csh" *from csh*.
+# You cannot run it directly.
+# Created by Davide Di Blasi <davidedb@gmail.com>.
+# Ported to Python 3.3 venv by Andrew Svetlov <andrew.svetlov@gmail.com>
+
+alias deactivate 'test $?_OLD_VIRTUAL_PATH != 0 && setenv PATH "$_OLD_VIRTUAL_PATH" && unset _OLD_VIRTUAL_PATH; rehash; test $?_OLD_VIRTUAL_PROMPT != 0 && set prompt="$_OLD_VIRTUAL_PROMPT" && unset _OLD_VIRTUAL_PROMPT; unsetenv VIRTUAL_ENV; test "\!:*" != "nondestructive" && unalias deactivate'
+
+# Unset irrelevant variables.
+deactivate nondestructive
+
+setenv VIRTUAL_ENV "/Users/sambitbehera/project/venv"
+
+set _OLD_VIRTUAL_PATH="$PATH"
+setenv PATH "$VIRTUAL_ENV/bin:$PATH"
+
+
+set _OLD_VIRTUAL_PROMPT="$prompt"
+
+if (! "$?VIRTUAL_ENV_DISABLE_PROMPT") then
+    set prompt = "(venv) $prompt"
+endif
+
+alias pydoc python -m pydoc
+
+rehash

venv/bin/activate.fish

+# This file must be used with "source <venv>/bin/activate.fish" *from fish*
+# (https://fishshell.com/); you cannot run it directly.
+
+function deactivate  -d "Exit virtual environment and return to normal shell environment"
+    # reset old environment variables
+    if test -n "$_OLD_VIRTUAL_PATH"
+        set -gx PATH $_OLD_VIRTUAL_PATH
+        set -e _OLD_VIRTUAL_PATH
+    end
+    if test -n "$_OLD_VIRTUAL_PYTHONHOME"
+        set -gx PYTHONHOME $_OLD_VIRTUAL_PYTHONHOME
+        set -e _OLD_VIRTUAL_PYTHONHOME
+    end
+
+    if test -n "$_OLD_FISH_PROMPT_OVERRIDE"
+        functions -e fish_prompt
+        set -e _OLD_FISH_PROMPT_OVERRIDE
+        functions -c _old_fish_prompt fish_prompt
+        functions -e _old_fish_prompt
+    end
+
+    set -e VIRTUAL_ENV
+    if test "$argv[1]" != "nondestructive"
+        # Self-destruct!
+        functions -e deactivate
+    end
+end
+
+# Unset irrelevant variables.
+deactivate nondestructive
+
+set -gx VIRTUAL_ENV "/Users/sambitbehera/project/venv"
+
+set -gx _OLD_VIRTUAL_PATH $PATH
+set -gx PATH "$VIRTUAL_ENV/bin" $PATH
+
+# Unset PYTHONHOME if set.
+if set -q PYTHONHOME
+    set -gx _OLD_VIRTUAL_PYTHONHOME $PYTHONHOME
+    set -e PYTHONHOME
+end
+
+if test -z "$VIRTUAL_ENV_DISABLE_PROMPT"
+    # fish uses a function instead of an env var to generate the prompt.
+
+    # Save the current fish_prompt function as the function _old_fish_prompt.
+    functions -c fish_prompt _old_fish_prompt
+
+    # With the original prompt function renamed, we can override with our own.
+    function fish_prompt
+        # Save the return status of the last command.
+        set -l old_status $status
+
+        # Output the venv prompt; color taken from the blue of the Python logo.
+        printf "%s%s%s" (set_color 4B8BBE) "(venv) " (set_color normal)
+
+        # Restore the return status of the previous command.
+        echo "exit $old_status" | .
+        # Output the original/"old" prompt.
+        _old_fish_prompt
+    end
+
+    set -gx _OLD_FISH_PROMPT_OVERRIDE "$VIRTUAL_ENV"
+end

venv/bin/easy_install

+#!/Users/sambitbehera/project/venv/bin/python3
+# -*- coding: utf-8 -*-
+import re
+import sys
+from setuptools.command.easy_install import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

venv/bin/easy_install-3.8

+#!/Users/sambitbehera/project/venv/bin/python3
+# -*- coding: utf-8 -*-
+import re
+import sys
+from setuptools.command.easy_install import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

venv/bin/pip

+#!/Users/sambitbehera/project/venv/bin/python3
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pip._internal.cli.main import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

venv/bin/pip3

+#!/Users/sambitbehera/project/venv/bin/python3
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pip._internal.cli.main import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

venv/bin/pip3.8

+#!/Users/sambitbehera/project/venv/bin/python3
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pip._internal.cli.main import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

venv/bin/pip3.9

+#!/Users/sambitbehera/project/venv/bin/python3
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pip._internal.cli.main import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

venv/lib/python3.8/site-packages/Cryptodome/Cipher/AES.py

+# -*- coding: utf-8 -*-
+#
+#  Cipher/AES.py : AES
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+"""
+Module's constants for the modes of operation supported with AES:
+
+:var MODE_ECB: :ref:`Electronic Code Book (ECB) <ecb_mode>`
+:var MODE_CBC: :ref:`Cipher-Block Chaining (CBC) <cbc_mode>`
+:var MODE_CFB: :ref:`Cipher FeedBack (CFB) <cfb_mode>`
+:var MODE_OFB: :ref:`Output FeedBack (OFB) <ofb_mode>`
+:var MODE_CTR: :ref:`CounTer Mode (CTR) <ctr_mode>`
+:var MODE_OPENPGP:  :ref:`OpenPGP Mode <openpgp_mode>`
+:var MODE_CCM: :ref:`Counter with CBC-MAC (CCM) Mode <ccm_mode>`
+:var MODE_EAX: :ref:`EAX Mode <eax_mode>`
+:var MODE_GCM: :ref:`Galois Counter Mode (GCM) <gcm_mode>`
+:var MODE_SIV: :ref:`Syntethic Initialization Vector (SIV) <siv_mode>`
+:var MODE_OCB: :ref:`Offset Code Book (OCB) <ocb_mode>`
+"""
+
+import sys
+
+from Cryptodome.Cipher import _create_cipher
+from Cryptodome.Util._raw_api import (load_pycryptodome_raw_lib,
+                                  VoidPointer, SmartPointer,
+                                  c_size_t, c_uint8_ptr)
+
+from Cryptodome.Util import _cpu_features
+from Cryptodome.Random import get_random_bytes
+
+
+_cproto = """
+        int AES_start_operation(const uint8_t key[],
+                                size_t key_len,
+                                void **pResult);
+        int AES_encrypt(const void *state,
+                        const uint8_t *in,
+                        uint8_t *out,
+                        size_t data_len);
+        int AES_decrypt(const void *state,
+                        const uint8_t *in,
+                        uint8_t *out,
+                        size_t data_len);
+        int AES_stop_operation(void *state);
+        """
+
+
+# Load portable AES
+_raw_aes_lib = load_pycryptodome_raw_lib("Cryptodome.Cipher._raw_aes",
+                                         _cproto)
+
+# Try to load AES with AES NI instructions
+try:
+    _raw_aesni_lib = None
+    if _cpu_features.have_aes_ni():
+        _raw_aesni_lib = load_pycryptodome_raw_lib("Cryptodome.Cipher._raw_aesni",
+                                                   _cproto.replace("AES",
+                                                                   "AESNI"))
+# _raw_aesni may not have been compiled in
+except OSError:
+    pass
+
+
+def _create_base_cipher(dict_parameters):
+    """This method instantiates and returns a handle to a low-level
+    base cipher. It will absorb named parameters in the process."""
+
+    use_aesni = dict_parameters.pop("use_aesni", True)
+
+    try:
+        key = dict_parameters.pop("key")
+    except KeyError:
+        raise TypeError("Missing 'key' parameter")
+
+    if len(key) not in key_size:
+        raise ValueError("Incorrect AES key length (%d bytes)" % len(key))
+
+    if use_aesni and _raw_aesni_lib:
+        start_operation = _raw_aesni_lib.AESNI_start_operation
+        stop_operation = _raw_aesni_lib.AESNI_stop_operation
+    else:
+        start_operation = _raw_aes_lib.AES_start_operation
+        stop_operation = _raw_aes_lib.AES_stop_operation
+
+    cipher = VoidPointer()
+    result = start_operation(c_uint8_ptr(key),
+                             c_size_t(len(key)),
+                             cipher.address_of())
+    if result:
+        raise ValueError("Error %X while instantiating the AES cipher"
+                         % result)
+    return SmartPointer(cipher.get(), stop_operation)
+
+
+def _derive_Poly1305_key_pair(key, nonce):
+    """Derive a tuple (r, s, nonce) for a Poly1305 MAC.
+
+    If nonce is ``None``, a new 16-byte nonce is generated.
+    """
+
+    if len(key) != 32:
+        raise ValueError("Poly1305 with AES requires a 32-byte key")
+
+    if nonce is None:
+        nonce = get_random_bytes(16)
+    elif len(nonce) != 16:
+        raise ValueError("Poly1305 with AES requires a 16-byte nonce")
+
+    s = new(key[:16], MODE_ECB).encrypt(nonce)
+    return key[16:], s, nonce
+
+
+def new(key, mode, *args, **kwargs):
+    """Create a new AES cipher.
+
+    :param key:
+        The secret key to use in the symmetric cipher.
+
+        It must be 16, 24 or 32 bytes long (respectively for *AES-128*,
+        *AES-192* or *AES-256*).
+
+        For ``MODE_SIV`` only, it doubles to 32, 48, or 64 bytes.
+    :type key: bytes/bytearray/memoryview
+
+    :param mode:
+        The chaining mode to use for encryption or decryption.
+        If in doubt, use ``MODE_EAX``.
+    :type mode: One of the supported ``MODE_*`` constants
+
+    :Keyword Arguments:
+        *   **iv** (*bytes*, *bytearray*, *memoryview*) --
+            (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
+            and ``MODE_OPENPGP`` modes).
+
+            The initialization vector to use for encryption or decryption.
+
+            For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 16 bytes long.
+
+            For ``MODE_OPENPGP`` mode only,
+            it must be 16 bytes long for encryption
+            and 18 bytes for decryption (in the latter case, it is
+            actually the *encrypted* IV which was prefixed to the ciphertext).
+
+            If not provided, a random byte string is generated (you must then
+            read its value with the :attr:`iv` attribute).
+
+        *   **nonce** (*bytes*, *bytearray*, *memoryview*) --
+            (Only applicable for ``MODE_CCM``, ``MODE_EAX``, ``MODE_GCM``,
+            ``MODE_SIV``, ``MODE_OCB``, and ``MODE_CTR``).
+
+            A value that must never be reused for any other encryption done
+            with this key (except possibly for ``MODE_SIV``, see below).
+
+            For ``MODE_EAX``, ``MODE_GCM`` and ``MODE_SIV`` there are no
+            restrictions on its length (recommended: **16** bytes).
+
+            For ``MODE_CCM``, its length must be in the range **[7..13]**.
+            Bear in mind that with CCM there is a trade-off between nonce
+            length and maximum message size. Recommendation: **11** bytes.
+
+            For ``MODE_OCB``, its length must be in the range **[1..15]**
+            (recommended: **15**).
+
+            For ``MODE_CTR``, its length must be in the range **[0..15]**
+            (recommended: **8**).
+
+            For ``MODE_SIV``, the nonce is optional, if it is not specified,
+            then no nonce is being used, which renders the encryption
+            deterministic.
+
+            If not provided, for modes other than ``MODE_SIV```, a random
+            byte string of the recommended length is used (you must then
+            read its value with the :attr:`nonce` attribute).
+
+        *   **segment_size** (*integer*) --
+            (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
+            are segmented in. It must be a multiple of 8.
+            If not specified, it will be assumed to be 8.
+
+        *   **mac_len** : (*integer*) --
+            (Only ``MODE_EAX``, ``MODE_GCM``, ``MODE_OCB``, ``MODE_CCM``)
+            Length of the authentication tag, in bytes.
+
+            It must be even and in the range **[4..16]**.
+            The recommended value (and the default, if not specified) is **16**.
+
+        *   **msg_len** : (*integer*) --
+            (Only ``MODE_CCM``). Length of the message to (de)cipher.
+            If not specified, ``encrypt`` must be called with the entire message.
+            Similarly, ``decrypt`` can only be called once.
+
+        *   **assoc_len** : (*integer*) --
+            (Only ``MODE_CCM``). Length of the associated data.
+            If not specified, all associated data is buffered internally,
+            which may represent a problem for very large messages.
+
+        *   **initial_value** : (*integer* or *bytes/bytearray/memoryview*) --
+            (Only ``MODE_CTR``).
+            The initial value for the counter. If not present, the cipher will
+            start counting from 0. The value is incremented by one for each block.
+            The counter number is encoded in big endian mode.
+
+        *   **counter** : (*object*) --
+            Instance of ``Cryptodome.Util.Counter``, which allows full customization
+            of the counter block. This parameter is incompatible to both ``nonce``
+            and ``initial_value``.
+
+        *   **use_aesni** : (*boolean*) --
+            Use Intel AES-NI hardware extensions (default: use if available).
+
+    :Return: an AES object, of the applicable mode.
+    """
+
+    kwargs["add_aes_modes"] = True
+    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
+
+
+MODE_ECB = 1
+MODE_CBC = 2
+MODE_CFB = 3
+MODE_OFB = 5
+MODE_CTR = 6
+MODE_OPENPGP = 7
+MODE_CCM = 8
+MODE_EAX = 9
+MODE_SIV = 10
+MODE_GCM = 11
+MODE_OCB = 12
+
+# Size of a data block (in bytes)
+block_size = 16
+# Size of a key (in bytes)
+key_size = (16, 24, 32)

venv/lib/python3.8/site-packages/Cryptodome/Cipher/AES.pyi

+from typing import Union, Tuple, Optional, Dict
+
+from Cryptodome.Cipher._mode_ecb import EcbMode
+from Cryptodome.Cipher._mode_cbc import CbcMode
+from Cryptodome.Cipher._mode_cfb import CfbMode
+from Cryptodome.Cipher._mode_ofb import OfbMode
+from Cryptodome.Cipher._mode_ctr import CtrMode
+from Cryptodome.Cipher._mode_openpgp import OpenPgpMode
+from Cryptodome.Cipher._mode_ccm import CcmMode
+from Cryptodome.Cipher._mode_eax import EaxMode
+from Cryptodome.Cipher._mode_gcm import GcmMode
+from Cryptodome.Cipher._mode_siv import SivMode
+from Cryptodome.Cipher._mode_ocb import OcbMode
+
+AESMode = int
+
+MODE_ECB: AESMode
+MODE_CBC: AESMode
+MODE_CFB: AESMode
+MODE_OFB: AESMode
+MODE_CTR: AESMode
+MODE_OPENPGP: AESMode
+MODE_CCM: AESMode
+MODE_EAX: AESMode
+MODE_GCM: AESMode
+MODE_SIV: AESMode
+MODE_OCB: AESMode
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+def new(key: Buffer,
+        mode: AESMode,
+        iv : Buffer = ...,
+        IV : Buffer = ...,
+        nonce : Buffer = ...,
+        segment_size : int = ...,
+        mac_len : int = ...,
+        assoc_len : int = ...,
+        initial_value : Union[int, Buffer] = ...,
+        counter : Dict = ...,
+        use_aesni : bool = ...) -> \
+        Union[EcbMode, CbcMode, CfbMode, OfbMode, CtrMode,
+              OpenPgpMode, CcmMode, EaxMode, GcmMode,
+              SivMode, OcbMode]: ...
+
+block_size: int
+key_size: Tuple[int, int, int]

venv/lib/python3.8/site-packages/Cryptodome/Cipher/ARC2.py

+# -*- coding: utf-8 -*-
+#
+#  Cipher/ARC2.py : ARC2.py
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+"""
+Module's constants for the modes of operation supported with ARC2:
+
+:var MODE_ECB: :ref:`Electronic Code Book (ECB) <ecb_mode>`
+:var MODE_CBC: :ref:`Cipher-Block Chaining (CBC) <cbc_mode>`
+:var MODE_CFB: :ref:`Cipher FeedBack (CFB) <cfb_mode>`
+:var MODE_OFB: :ref:`Output FeedBack (OFB) <ofb_mode>`
+:var MODE_CTR: :ref:`CounTer Mode (CTR) <ctr_mode>`
+:var MODE_OPENPGP:  :ref:`OpenPGP Mode <openpgp_mode>`
+:var MODE_EAX: :ref:`EAX Mode <eax_mode>`
+"""
+
+import sys
+
+from Cryptodome.Cipher import _create_cipher
+from Cryptodome.Util.py3compat import byte_string
+from Cryptodome.Util._raw_api import (load_pycryptodome_raw_lib,
+                                  VoidPointer, SmartPointer,
+                                  c_size_t, c_uint8_ptr)
+
+_raw_arc2_lib = load_pycryptodome_raw_lib(
+                        "Cryptodome.Cipher._raw_arc2",
+                        """
+                        int ARC2_start_operation(const uint8_t key[],
+                                                 size_t key_len,
+                                                 size_t effective_key_len,
+                                                 void **pResult);
+                        int ARC2_encrypt(const void *state,
+                                         const uint8_t *in,
+                                         uint8_t *out,
+                                         size_t data_len);
+                        int ARC2_decrypt(const void *state,
+                                         const uint8_t *in,
+                                         uint8_t *out,
+                                         size_t data_len);
+                        int ARC2_stop_operation(void *state);
+                        """
+                        )
+
+
+def _create_base_cipher(dict_parameters):
+    """This method instantiates and returns a handle to a low-level
+    base cipher. It will absorb named parameters in the process."""
+
+    try:
+        key = dict_parameters.pop("key")
+    except KeyError:
+        raise TypeError("Missing 'key' parameter")
+
+    effective_keylen = dict_parameters.pop("effective_keylen", 1024)
+
+    if len(key) not in key_size:
+        raise ValueError("Incorrect ARC2 key length (%d bytes)" % len(key))
+
+    if not (40 <= effective_keylen <= 1024):
+        raise ValueError("'effective_key_len' must be at least 40 and no larger than 1024 "
+                         "(not %d)" % effective_keylen)
+
+    start_operation = _raw_arc2_lib.ARC2_start_operation
+    stop_operation = _raw_arc2_lib.ARC2_stop_operation
+
+    cipher = VoidPointer()
+    result = start_operation(c_uint8_ptr(key),
+                             c_size_t(len(key)),
+                             c_size_t(effective_keylen),
+                             cipher.address_of())
+    if result:
+        raise ValueError("Error %X while instantiating the ARC2 cipher"
+                         % result)
+
+    return SmartPointer(cipher.get(), stop_operation)
+
+
+def new(key, mode, *args, **kwargs):
+    """Create a new RC2 cipher.
+
+    :param key:
+        The secret key to use in the symmetric cipher.
+        Its length can vary from 5 to 128 bytes; the actual search space
+        (and the cipher strength) can be reduced with the ``effective_keylen`` parameter.
+    :type key: bytes, bytearray, memoryview
+
+    :param mode:
+        The chaining mode to use for encryption or decryption.
+    :type mode: One of the supported ``MODE_*`` constants
+
+    :Keyword Arguments:
+        *   **iv** (*bytes*, *bytearray*, *memoryview*) --
+            (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
+            and ``MODE_OPENPGP`` modes).
+
+            The initialization vector to use for encryption or decryption.
+
+            For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 8 bytes long.
+
+            For ``MODE_OPENPGP`` mode only,
+            it must be 8 bytes long for encryption
+            and 10 bytes for decryption (in the latter case, it is
+            actually the *encrypted* IV which was prefixed to the ciphertext).
+
+            If not provided, a random byte string is generated (you must then
+            read its value with the :attr:`iv` attribute).
+
+        *   **nonce** (*bytes*, *bytearray*, *memoryview*) --
+            (Only applicable for ``MODE_EAX`` and ``MODE_CTR``).
+
+            A value that must never be reused for any other encryption done
+            with this key.
+
+            For ``MODE_EAX`` there are no
+            restrictions on its length (recommended: **16** bytes).
+
+            For ``MODE_CTR``, its length must be in the range **[0..7]**.
+
+            If not provided for ``MODE_EAX``, a random byte string is generated (you
+            can read it back via the ``nonce`` attribute).
+
+        *   **effective_keylen** (*integer*) --
+            Optional. Maximum strength in bits of the actual key used by the ARC2 algorithm.
+            If the supplied ``key`` parameter is longer (in bits) of the value specified
+            here, it will be weakened to match it.
+            If not specified, no limitation is applied.
+
+        *   **segment_size** (*integer*) --
+            (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
+            are segmented in. It must be a multiple of 8.
+            If not specified, it will be assumed to be 8.
+
+        *   **mac_len** : (*integer*) --
+            (Only ``MODE_EAX``)
+            Length of the authentication tag, in bytes.
+            It must be no longer than 8 (default).
+
+        *   **initial_value** : (*integer*) --
+            (Only ``MODE_CTR``). The initial value for the counter within
+            the counter block. By default it is **0**.
+
+    :Return: an ARC2 object, of the applicable mode.
+    """
+
+    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
+
+MODE_ECB = 1
+MODE_CBC = 2
+MODE_CFB = 3
+MODE_OFB = 5
+MODE_CTR = 6
+MODE_OPENPGP = 7
+MODE_EAX = 9
+
+# Size of a data block (in bytes)
+block_size = 8
+# Size of a key (in bytes)
+key_size = range(5, 128 + 1)

venv/lib/python3.8/site-packages/Cryptodome/Cipher/ARC2.pyi

+from typing import Union, Dict, Iterable
+
+from Cryptodome.Cipher._mode_ecb import EcbMode
+from Cryptodome.Cipher._mode_cbc import CbcMode
+from Cryptodome.Cipher._mode_cfb import CfbMode
+from Cryptodome.Cipher._mode_ofb import OfbMode
+from Cryptodome.Cipher._mode_ctr import CtrMode
+from Cryptodome.Cipher._mode_openpgp import OpenPgpMode
+from Cryptodome.Cipher._mode_eax import EaxMode
+
+ARC2Mode = int
+
+MODE_ECB: ARC2Mode
+MODE_CBC: ARC2Mode
+MODE_CFB: ARC2Mode
+MODE_OFB: ARC2Mode
+MODE_CTR: ARC2Mode
+MODE_OPENPGP: ARC2Mode
+MODE_EAX: ARC2Mode
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+def new(key: Buffer,
+        mode: ARC2Mode,
+        iv : Buffer = ...,
+        IV : Buffer = ...,
+        nonce : Buffer = ...,
+        segment_size : int = ...,
+        mac_len : int = ...,
+        initial_value : Union[int, Buffer] = ...,
+        counter : Dict = ...) -> \
+        Union[EcbMode, CbcMode, CfbMode, OfbMode, CtrMode, OpenPgpMode]: ...
+
+block_size: int
+key_size: Iterable[int]

venv/lib/python3.8/site-packages/Cryptodome/Cipher/ARC4.py

+# -*- coding: utf-8 -*-
+#
+#  Cipher/ARC4.py : ARC4
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+from Cryptodome.Util.py3compat import b
+
+from Cryptodome.Util._raw_api import (load_pycryptodome_raw_lib, VoidPointer,
+                                  create_string_buffer, get_raw_buffer,
+                                  SmartPointer, c_size_t, c_uint8_ptr)
+
+
+_raw_arc4_lib = load_pycryptodome_raw_lib("Cryptodome.Cipher._ARC4", """
+                    int ARC4_stream_encrypt(void *rc4State, const uint8_t in[],
+                                            uint8_t out[], size_t len);
+                    int ARC4_stream_init(uint8_t *key, size_t keylen,
+                                         void **pRc4State);
+                    int ARC4_stream_destroy(void *rc4State);
+                    """)
+
+
+class ARC4Cipher:
+    """ARC4 cipher object. Do not create it directly. Use
+    :func:`Cryptodome.Cipher.ARC4.new` instead.
+    """
+
+    def __init__(self, key, *args, **kwargs):
+        """Initialize an ARC4 cipher object
+
+        See also `new()` at the module level."""
+
+        if len(args) > 0:
+            ndrop = args[0]
+            args = args[1:]
+        else:
+            ndrop = kwargs.pop('drop', 0)
+
+        if len(key) not in key_size:
+            raise ValueError("Incorrect ARC4 key length (%d bytes)" %
+                             len(key))
+
+        self._state = VoidPointer()
+        result = _raw_arc4_lib.ARC4_stream_init(c_uint8_ptr(key),
+                                                c_size_t(len(key)),
+                                                self._state.address_of())
+        if result != 0:
+            raise ValueError("Error %d while creating the ARC4 cipher"
+                             % result)
+        self._state = SmartPointer(self._state.get(),
+                                   _raw_arc4_lib.ARC4_stream_destroy)
+
+        if ndrop > 0:
+            # This is OK even if the cipher is used for decryption,
+            # since encrypt and decrypt are actually the same thing
+            # with ARC4.
+            self.encrypt(b'\x00' * ndrop)
+
+        self.block_size = 1
+        self.key_size = len(key)
+
+    def encrypt(self, plaintext):
+        """Encrypt a piece of data.
+
+        :param plaintext: The data to encrypt, of any size.
+        :type plaintext: bytes, bytearray, memoryview
+        :returns: the encrypted byte string, of equal length as the
+          plaintext.
+        """
+
+        ciphertext = create_string_buffer(len(plaintext))
+        result = _raw_arc4_lib.ARC4_stream_encrypt(self._state.get(),
+                                                   c_uint8_ptr(plaintext),
+                                                   ciphertext,
+                                                   c_size_t(len(plaintext)))
+        if result:
+            raise ValueError("Error %d while encrypting with RC4" % result)
+        return get_raw_buffer(ciphertext)
+
+    def decrypt(self, ciphertext):
+        """Decrypt a piece of data.
+
+        :param ciphertext: The data to decrypt, of any size.
+        :type ciphertext: bytes, bytearray, memoryview
+        :returns: the decrypted byte string, of equal length as the
+          ciphertext.
+        """
+
+        try:
+            return self.encrypt(ciphertext)
+        except ValueError as e:
+            raise ValueError(str(e).replace("enc", "dec"))
+
+
+def new(key, *args, **kwargs):
+    """Create a new ARC4 cipher.
+
+    :param key:
+        The secret key to use in the symmetric cipher.
+        Its length must be in the range ``[5..256]``.
+        The recommended length is 16 bytes.
+    :type key: bytes, bytearray, memoryview
+
+    :Keyword Arguments:
+        *   *drop* (``integer``) --
+            The amount of bytes to discard from the initial part of the keystream.
+            In fact, such part has been found to be distinguishable from random
+            data (while it shouldn't) and also correlated to key.
+
+            The recommended value is 3072_ bytes. The default value is 0.
+
+    :Return: an `ARC4Cipher` object
+
+    .. _3072: http://eprint.iacr.org/2002/067.pdf
+    """
+    return ARC4Cipher(key, *args, **kwargs)
+
+# Size of a data block (in bytes)
+block_size = 1
+# Size of a key (in bytes)
+key_size = range(5, 256+1)

venv/lib/python3.8/site-packages/Cryptodome/Cipher/ARC4.pyi

+from typing import Any, Union, Iterable
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+class ARC4Cipher:
+    block_size: int
+    key_size: int
+
+    def __init__(self, key: Buffer, *args: Any, **kwargs: Any) -> None: ...
+    def encrypt(self, plaintext: Buffer) -> bytes: ...
+    def decrypt(self, ciphertext: Buffer) -> bytes: ...
+
+def new(key: Buffer, drop : int = ...) -> ARC4Cipher: ...
+
+block_size: int
+key_size: Iterable[int]

venv/lib/python3.8/site-packages/Cryptodome/Cipher/Blowfish.py

+# -*- coding: utf-8 -*-
+#
+#  Cipher/Blowfish.py : Blowfish
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+"""
+Module's constants for the modes of operation supported with Blowfish:
+
+:var MODE_ECB: :ref:`Electronic Code Book (ECB) <ecb_mode>`
+:var MODE_CBC: :ref:`Cipher-Block Chaining (CBC) <cbc_mode>`
+:var MODE_CFB: :ref:`Cipher FeedBack (CFB) <cfb_mode>`
+:var MODE_OFB: :ref:`Output FeedBack (OFB) <ofb_mode>`
+:var MODE_CTR: :ref:`CounTer Mode (CTR) <ctr_mode>`
+:var MODE_OPENPGP:  :ref:`OpenPGP Mode <openpgp_mode>`
+:var MODE_EAX: :ref:`EAX Mode <eax_mode>`
+"""
+
+import sys
+
+from Cryptodome.Cipher import _create_cipher
+from Cryptodome.Util._raw_api import (load_pycryptodome_raw_lib,
+                                  VoidPointer, SmartPointer, c_size_t,
+                                  c_uint8_ptr)
+
+_raw_blowfish_lib = load_pycryptodome_raw_lib(
+        "Cryptodome.Cipher._raw_blowfish",
+        """
+        int Blowfish_start_operation(const uint8_t key[],
+                                     size_t key_len,
+                                     void **pResult);
+        int Blowfish_encrypt(const void *state,
+                             const uint8_t *in,
+                             uint8_t *out,
+                             size_t data_len);
+        int Blowfish_decrypt(const void *state,
+                             const uint8_t *in,
+                             uint8_t *out,
+                             size_t data_len);
+        int Blowfish_stop_operation(void *state);
+        """
+        )
+
+
+def _create_base_cipher(dict_parameters):
+    """This method instantiates and returns a smart pointer to
+    a low-level base cipher. It will absorb named parameters in
+    the process."""
+
+    try:
+        key = dict_parameters.pop("key")
+    except KeyError:
+        raise TypeError("Missing 'key' parameter")
+
+    if len(key) not in key_size:
+        raise ValueError("Incorrect Blowfish key length (%d bytes)" % len(key))
+
+    start_operation = _raw_blowfish_lib.Blowfish_start_operation
+    stop_operation = _raw_blowfish_lib.Blowfish_stop_operation
+
+    void_p = VoidPointer()
+    result = start_operation(c_uint8_ptr(key),
+                             c_size_t(len(key)),
+                             void_p.address_of())
+    if result:
+        raise ValueError("Error %X while instantiating the Blowfish cipher"
+                         % result)
+    return SmartPointer(void_p.get(), stop_operation)
+
+
+def new(key, mode, *args, **kwargs):
+    """Create a new Blowfish cipher
+
+    :param key:
+        The secret key to use in the symmetric cipher.
+        Its length can vary from 5 to 56 bytes.
+    :type key: bytes, bytearray, memoryview
+
+    :param mode:
+        The chaining mode to use for encryption or decryption.
+    :type mode: One of the supported ``MODE_*`` constants
+
+    :Keyword Arguments:
+        *   **iv** (*bytes*, *bytearray*, *memoryview*) --
+            (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
+            and ``MODE_OPENPGP`` modes).
+
+            The initialization vector to use for encryption or decryption.
+
+            For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 8 bytes long.
+
+            For ``MODE_OPENPGP`` mode only,
+            it must be 8 bytes long for encryption
+            and 10 bytes for decryption (in the latter case, it is
+            actually the *encrypted* IV which was prefixed to the ciphertext).
+
+            If not provided, a random byte string is generated (you must then
+            read its value with the :attr:`iv` attribute).
+
+        *   **nonce** (*bytes*, *bytearray*, *memoryview*) --
+            (Only applicable for ``MODE_EAX`` and ``MODE_CTR``).
+
+            A value that must never be reused for any other encryption done
+            with this key.
+
+            For ``MODE_EAX`` there are no
+            restrictions on its length (recommended: **16** bytes).
+
+            For ``MODE_CTR``, its length must be in the range **[0..7]**.
+
+            If not provided for ``MODE_EAX``, a random byte string is generated (you
+            can read it back via the ``nonce`` attribute).
+
+        *   **segment_size** (*integer*) --
+            (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
+            are segmented in. It must be a multiple of 8.
+            If not specified, it will be assumed to be 8.
+
+        *   **mac_len** : (*integer*) --
+            (Only ``MODE_EAX``)
+            Length of the authentication tag, in bytes.
+            It must be no longer than 8 (default).
+
+        *   **initial_value** : (*integer*) --
+            (Only ``MODE_CTR``). The initial value for the counter within
+            the counter block. By default it is **0**.
+
+    :Return: a Blowfish object, of the applicable mode.
+    """
+
+    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
+
+MODE_ECB = 1
+MODE_CBC = 2
+MODE_CFB = 3
+MODE_OFB = 5
+MODE_CTR = 6
+MODE_OPENPGP = 7
+MODE_EAX = 9
+
+# Size of a data block (in bytes)
+block_size = 8
+# Size of a key (in bytes)
+key_size = range(4, 56 + 1)

venv/lib/python3.8/site-packages/Cryptodome/Cipher/Blowfish.pyi

+from typing import Union, Dict, Iterable
+
+from Cryptodome.Cipher._mode_ecb import EcbMode
+from Cryptodome.Cipher._mode_cbc import CbcMode
+from Cryptodome.Cipher._mode_cfb import CfbMode
+from Cryptodome.Cipher._mode_ofb import OfbMode
+from Cryptodome.Cipher._mode_ctr import CtrMode
+from Cryptodome.Cipher._mode_openpgp import OpenPgpMode
+from Cryptodome.Cipher._mode_eax import EaxMode
+
+BlowfishMode = int
+
+MODE_ECB: BlowfishMode
+MODE_CBC: BlowfishMode
+MODE_CFB: BlowfishMode
+MODE_OFB: BlowfishMode
+MODE_CTR: BlowfishMode
+MODE_OPENPGP: BlowfishMode
+MODE_EAX: BlowfishMode
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+def new(key: Buffer,
+        mode: BlowfishMode,
+        iv : Buffer = ...,
+        IV : Buffer = ...,
+        nonce : Buffer = ...,
+        segment_size : int = ...,
+        mac_len : int = ...,
+        initial_value : Union[int, Buffer] = ...,
+        counter : Dict = ...) -> \
+        Union[EcbMode, CbcMode, CfbMode, OfbMode, CtrMode, OpenPgpMode]: ...
+
+block_size: int
+key_size: Iterable[int]

venv/lib/python3.8/site-packages/Cryptodome/Cipher/CAST.py

+# -*- coding: utf-8 -*-
+#
+#  Cipher/CAST.py : CAST
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+"""
+Module's constants for the modes of operation supported with CAST:
+
+:var MODE_ECB: :ref:`Electronic Code Book (ECB) <ecb_mode>`
+:var MODE_CBC: :ref:`Cipher-Block Chaining (CBC) <cbc_mode>`
+:var MODE_CFB: :ref:`Cipher FeedBack (CFB) <cfb_mode>`
+:var MODE_OFB: :ref:`Output FeedBack (OFB) <ofb_mode>`
+:var MODE_CTR: :ref:`CounTer Mode (CTR) <ctr_mode>`
+:var MODE_OPENPGP:  :ref:`OpenPGP Mode <openpgp_mode>`
+:var MODE_EAX: :ref:`EAX Mode <eax_mode>`
+"""
+
+import sys
+
+from Cryptodome.Cipher import _create_cipher
+from Cryptodome.Util.py3compat import byte_string
+from Cryptodome.Util._raw_api import (load_pycryptodome_raw_lib,
+                                  VoidPointer, SmartPointer,
+                                  c_size_t, c_uint8_ptr)
+
+_raw_cast_lib = load_pycryptodome_raw_lib(
+                    "Cryptodome.Cipher._raw_cast",
+                    """
+                    int CAST_start_operation(const uint8_t key[],
+                                             size_t key_len,
+                                             void **pResult);
+                    int CAST_encrypt(const void *state,
+                                     const uint8_t *in,
+                                     uint8_t *out,
+                                     size_t data_len);
+                    int CAST_decrypt(const void *state,
+                                     const uint8_t *in,
+                                     uint8_t *out,
+                                     size_t data_len);
+                    int CAST_stop_operation(void *state);
+                    """)
+
+
+def _create_base_cipher(dict_parameters):
+    """This method instantiates and returns a handle to a low-level
+    base cipher. It will absorb named parameters in the process."""
+
+    try:
+        key = dict_parameters.pop("key")
+    except KeyError:
+        raise TypeError("Missing 'key' parameter")
+
+    if len(key) not in key_size:
+        raise ValueError("Incorrect CAST key length (%d bytes)" % len(key))
+
+    start_operation = _raw_cast_lib.CAST_start_operation
+    stop_operation = _raw_cast_lib.CAST_stop_operation
+
+    cipher = VoidPointer()
+    result = start_operation(c_uint8_ptr(key),
+                             c_size_t(len(key)),
+                             cipher.address_of())
+    if result:
+        raise ValueError("Error %X while instantiating the CAST cipher"
+                         % result)
+
+    return SmartPointer(cipher.get(), stop_operation)
+
+
+def new(key, mode, *args, **kwargs):
+    """Create a new CAST cipher
+
+    :param key:
+        The secret key to use in the symmetric cipher.
+        Its length can vary from 5 to 16 bytes.
+    :type key: bytes, bytearray, memoryview
+
+    :param mode:
+        The chaining mode to use for encryption or decryption.
+    :type mode: One of the supported ``MODE_*`` constants
+
+    :Keyword Arguments:
+        *   **iv** (*bytes*, *bytearray*, *memoryview*) --
+            (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
+            and ``MODE_OPENPGP`` modes).
+
+            The initialization vector to use for encryption or decryption.
+
+            For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 8 bytes long.
+
+            For ``MODE_OPENPGP`` mode only,
+            it must be 8 bytes long for encryption
+            and 10 bytes for decryption (in the latter case, it is
+            actually the *encrypted* IV which was prefixed to the ciphertext).
+
+            If not provided, a random byte string is generated (you must then
+            read its value with the :attr:`iv` attribute).
+
+        *   **nonce** (*bytes*, *bytearray*, *memoryview*) --
+            (Only applicable for ``MODE_EAX`` and ``MODE_CTR``).
+
+            A value that must never be reused for any other encryption done
+            with this key.
+
+            For ``MODE_EAX`` there are no
+            restrictions on its length (recommended: **16** bytes).
+
+            For ``MODE_CTR``, its length must be in the range **[0..7]**.
+
+            If not provided for ``MODE_EAX``, a random byte string is generated (you
+            can read it back via the ``nonce`` attribute).
+
+        *   **segment_size** (*integer*) --
+            (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
+            are segmented in. It must be a multiple of 8.
+            If not specified, it will be assumed to be 8.
+
+        *   **mac_len** : (*integer*) --
+            (Only ``MODE_EAX``)
+            Length of the authentication tag, in bytes.
+            It must be no longer than 8 (default).
+
+        *   **initial_value** : (*integer*) --
+            (Only ``MODE_CTR``). The initial value for the counter within
+            the counter block. By default it is **0**.
+
+    :Return: a CAST object, of the applicable mode.
+    """
+
+    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
+
+MODE_ECB = 1
+MODE_CBC = 2
+MODE_CFB = 3
+MODE_OFB = 5
+MODE_CTR = 6
+MODE_OPENPGP = 7
+MODE_EAX = 9
+
+# Size of a data block (in bytes)
+block_size = 8
+# Size of a key (in bytes)
+key_size = range(5, 16 + 1)

venv/lib/python3.8/site-packages/Cryptodome/Cipher/CAST.pyi

+from typing import Union, Dict, Iterable
+
+from Cryptodome.Cipher._mode_ecb import EcbMode
+from Cryptodome.Cipher._mode_cbc import CbcMode
+from Cryptodome.Cipher._mode_cfb import CfbMode
+from Cryptodome.Cipher._mode_ofb import OfbMode
+from Cryptodome.Cipher._mode_ctr import CtrMode
+from Cryptodome.Cipher._mode_openpgp import OpenPgpMode
+from Cryptodome.Cipher._mode_eax import EaxMode
+
+CASTMode = int
+
+MODE_ECB: CASTMode
+MODE_CBC: CASTMode
+MODE_CFB: CASTMode
+MODE_OFB: CASTMode
+MODE_CTR: CASTMode
+MODE_OPENPGP: CASTMode
+MODE_EAX: CASTMode
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+def new(key: Buffer,
+        mode: CASTMode,
+        iv : Buffer = ...,
+        IV : Buffer = ...,
+        nonce : Buffer = ...,
+        segment_size : int = ...,
+        mac_len : int = ...,
+        initial_value : Union[int, Buffer] = ...,
+        counter : Dict = ...) -> \
+        Union[EcbMode, CbcMode, CfbMode, OfbMode, CtrMode, OpenPgpMode]: ...
+
+block_size: int
+key_size : Iterable[int]

venv/lib/python3.8/site-packages/Cryptodome/Cipher/ChaCha20.pyi

+from typing import Union, overload
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+def _HChaCha20(key: Buffer, nonce: Buffer) -> bytearray: ...
+
+class ChaCha20Cipher:
+    block_size: int
+    nonce: bytes
+
+    def __init__(self, key: Buffer, nonce: Buffer) -> None: ...
+    @overload
+    def encrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def encrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    @overload
+    def decrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def decrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    def seek(self, position: int) -> None: ...
+
+def new(key: Buffer, nonce: Buffer = ...) -> ChaCha20Cipher: ...
+
+block_size: int
+key_size: int

venv/lib/python3.8/site-packages/Cryptodome/Cipher/ChaCha20_Poly1305.pyi

+from typing import Union, Tuple, overload
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+class ChaCha20Poly1305Cipher:
+    nonce: bytes
+
+    def __init__(self, key: Buffer, nonce: Buffer) -> None: ...
+    def update(self, data: Buffer) -> None: ...
+    @overload
+    def encrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def encrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    @overload
+    def decrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def decrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    def digest(self) -> bytes: ...
+    def hexdigest(self) -> str: ...
+    def verify(self, received_mac_tag: Buffer) -> None: ...
+    def hexverify(self, received_mac_tag: str) -> None: ...
+    def encrypt_and_digest(self, plaintext: Buffer) -> Tuple[bytes, bytes]: ...
+    def decrypt_and_verify(self, ciphertext: Buffer, received_mac_tag: Buffer) -> bytes: ...
+
+def new(key: Buffer, nonce: Buffer = ...) -> ChaCha20Poly1305Cipher: ...
+
+block_size: int
+key_size: int

venv/lib/python3.8/site-packages/Cryptodome/Cipher/DES.py

+# -*- coding: utf-8 -*-
+#
+#  Cipher/DES.py : DES
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+"""
+Module's constants for the modes of operation supported with Single DES:
+
+:var MODE_ECB: :ref:`Electronic Code Book (ECB) <ecb_mode>`
+:var MODE_CBC: :ref:`Cipher-Block Chaining (CBC) <cbc_mode>`
+:var MODE_CFB: :ref:`Cipher FeedBack (CFB) <cfb_mode>`
+:var MODE_OFB: :ref:`Output FeedBack (OFB) <ofb_mode>`
+:var MODE_CTR: :ref:`CounTer Mode (CTR) <ctr_mode>`
+:var MODE_OPENPGP:  :ref:`OpenPGP Mode <openpgp_mode>`
+:var MODE_EAX: :ref:`EAX Mode <eax_mode>`
+"""
+
+import sys
+
+from Cryptodome.Cipher import _create_cipher
+from Cryptodome.Util.py3compat import byte_string
+from Cryptodome.Util._raw_api import (load_pycryptodome_raw_lib,
+                                  VoidPointer, SmartPointer,
+                                  c_size_t, c_uint8_ptr)
+
+_raw_des_lib = load_pycryptodome_raw_lib(
+                "Cryptodome.Cipher._raw_des",
+                """
+                int DES_start_operation(const uint8_t key[],
+                                        size_t key_len,
+                                        void **pResult);
+                int DES_encrypt(const void *state,
+                                const uint8_t *in,
+                                uint8_t *out,
+                                size_t data_len);
+                int DES_decrypt(const void *state,
+                                const uint8_t *in,
+                                uint8_t *out,
+                                size_t data_len);
+                int DES_stop_operation(void *state);
+                """)
+
+
+def _create_base_cipher(dict_parameters):
+    """This method instantiates and returns a handle to a low-level
+    base cipher. It will absorb named parameters in the process."""
+
+    try:
+        key = dict_parameters.pop("key")
+    except KeyError:
+        raise TypeError("Missing 'key' parameter")
+
+    if len(key) != key_size:
+        raise ValueError("Incorrect DES key length (%d bytes)" % len(key))
+
+    start_operation = _raw_des_lib.DES_start_operation
+    stop_operation = _raw_des_lib.DES_stop_operation
+
+    cipher = VoidPointer()
+    result = start_operation(c_uint8_ptr(key),
+                             c_size_t(len(key)),
+                             cipher.address_of())
+    if result:
+        raise ValueError("Error %X while instantiating the DES cipher"
+                         % result)
+    return SmartPointer(cipher.get(), stop_operation)
+
+
+def new(key, mode, *args, **kwargs):
+    """Create a new DES cipher.
+
+    :param key:
+        The secret key to use in the symmetric cipher.
+        It must be 8 byte long. The parity bits will be ignored.
+    :type key: bytes/bytearray/memoryview
+
+    :param mode:
+        The chaining mode to use for encryption or decryption.
+    :type mode: One of the supported ``MODE_*`` constants
+
+    :Keyword Arguments:
+        *   **iv** (*byte string*) --
+            (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
+            and ``MODE_OPENPGP`` modes).
+
+            The initialization vector to use for encryption or decryption.
+
+            For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 8 bytes long.
+
+            For ``MODE_OPENPGP`` mode only,
+            it must be 8 bytes long for encryption
+            and 10 bytes for decryption (in the latter case, it is
+            actually the *encrypted* IV which was prefixed to the ciphertext).
+
+            If not provided, a random byte string is generated (you must then
+            read its value with the :attr:`iv` attribute).
+
+        *   **nonce** (*byte string*) --
+            (Only applicable for ``MODE_EAX`` and ``MODE_CTR``).
+
+            A value that must never be reused for any other encryption done
+            with this key.
+
+            For ``MODE_EAX`` there are no
+            restrictions on its length (recommended: **16** bytes).
+
+            For ``MODE_CTR``, its length must be in the range **[0..7]**.
+
+            If not provided for ``MODE_EAX``, a random byte string is generated (you
+            can read it back via the ``nonce`` attribute).
+
+        *   **segment_size** (*integer*) --
+            (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
+            are segmented in. It must be a multiple of 8.
+            If not specified, it will be assumed to be 8.
+
+        *   **mac_len** : (*integer*) --
+            (Only ``MODE_EAX``)
+            Length of the authentication tag, in bytes.
+            It must be no longer than 8 (default).
+
+        *   **initial_value** : (*integer*) --
+            (Only ``MODE_CTR``). The initial value for the counter within
+            the counter block. By default it is **0**.
+
+    :Return: a DES object, of the applicable mode.
+    """
+
+    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
+
+MODE_ECB = 1
+MODE_CBC = 2
+MODE_CFB = 3
+MODE_OFB = 5
+MODE_CTR = 6
+MODE_OPENPGP = 7
+MODE_EAX = 9
+
+# Size of a data block (in bytes)
+block_size = 8
+# Size of a key (in bytes)
+key_size = 8

venv/lib/python3.8/site-packages/Cryptodome/Cipher/DES.pyi

+from typing import Union, Dict, Iterable
+
+from Cryptodome.Cipher._mode_ecb import EcbMode
+from Cryptodome.Cipher._mode_cbc import CbcMode
+from Cryptodome.Cipher._mode_cfb import CfbMode
+from Cryptodome.Cipher._mode_ofb import OfbMode
+from Cryptodome.Cipher._mode_ctr import CtrMode
+from Cryptodome.Cipher._mode_openpgp import OpenPgpMode
+from Cryptodome.Cipher._mode_eax import EaxMode
+
+DESMode = int
+
+MODE_ECB: DESMode
+MODE_CBC: DESMode
+MODE_CFB: DESMode
+MODE_OFB: DESMode
+MODE_CTR: DESMode
+MODE_OPENPGP: DESMode
+MODE_EAX: DESMode
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+def new(key: Buffer,
+        mode: DESMode,
+        iv : Buffer = ...,
+        IV : Buffer = ...,
+        nonce : Buffer = ...,
+        segment_size : int = ...,
+        mac_len : int = ...,
+        initial_value : Union[int, Buffer] = ...,
+        counter : Dict = ...) -> \
+        Union[EcbMode, CbcMode, CfbMode, OfbMode, CtrMode, OpenPgpMode]: ...
+
+block_size: int
+key_size: int

venv/lib/python3.8/site-packages/Cryptodome/Cipher/DES3.py

+# -*- coding: utf-8 -*-
+#
+#  Cipher/DES3.py : DES3
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+"""
+Module's constants for the modes of operation supported with Triple DES:
+
+:var MODE_ECB: :ref:`Electronic Code Book (ECB) <ecb_mode>`
+:var MODE_CBC: :ref:`Cipher-Block Chaining (CBC) <cbc_mode>`
+:var MODE_CFB: :ref:`Cipher FeedBack (CFB) <cfb_mode>`
+:var MODE_OFB: :ref:`Output FeedBack (OFB) <ofb_mode>`
+:var MODE_CTR: :ref:`CounTer Mode (CTR) <ctr_mode>`
+:var MODE_OPENPGP:  :ref:`OpenPGP Mode <openpgp_mode>`
+:var MODE_EAX: :ref:`EAX Mode <eax_mode>`
+"""
+
+import sys
+
+from Cryptodome.Cipher import _create_cipher
+from Cryptodome.Util.py3compat import byte_string, bchr, bord, bstr
+from Cryptodome.Util._raw_api import (load_pycryptodome_raw_lib,
+                                  VoidPointer, SmartPointer,
+                                  c_size_t)
+
+_raw_des3_lib = load_pycryptodome_raw_lib(
+                    "Cryptodome.Cipher._raw_des3",
+                    """
+                    int DES3_start_operation(const uint8_t key[],
+                                             size_t key_len,
+                                             void **pResult);
+                    int DES3_encrypt(const void *state,
+                                     const uint8_t *in,
+                                     uint8_t *out,
+                                     size_t data_len);
+                    int DES3_decrypt(const void *state,
+                                     const uint8_t *in,
+                                     uint8_t *out,
+                                     size_t data_len);
+                    int DES3_stop_operation(void *state);
+                    """)
+
+
+def adjust_key_parity(key_in):
+    """Set the parity bits in a TDES key.
+
+    :param key_in: the TDES key whose bits need to be adjusted
+    :type key_in: byte string
+
+    :returns: a copy of ``key_in``, with the parity bits correctly set
+    :rtype: byte string
+
+    :raises ValueError: if the TDES key is not 16 or 24 bytes long
+    :raises ValueError: if the TDES key degenerates into Single DES
+    """
+
+    def parity_byte(key_byte):
+        parity = 1
+        for i in range(1, 8):
+            parity ^= (key_byte >> i) & 1
+        return (key_byte & 0xFE) | parity
+
+    if len(key_in) not in key_size:
+        raise ValueError("Not a valid TDES key")
+
+    key_out = b"".join([ bchr(parity_byte(bord(x))) for x in key_in ])
+
+    if key_out[:8] == key_out[8:16] or key_out[-16:-8] == key_out[-8:]:
+        raise ValueError("Triple DES key degenerates to single DES")
+
+    return key_out
+
+
+def _create_base_cipher(dict_parameters):
+    """This method instantiates and returns a handle to a low-level base cipher.
+    It will absorb named parameters in the process."""
+
+    try:
+        key_in = dict_parameters.pop("key")
+    except KeyError:
+        raise TypeError("Missing 'key' parameter")
+
+    key = adjust_key_parity(bstr(key_in))
+
+    start_operation = _raw_des3_lib.DES3_start_operation
+    stop_operation = _raw_des3_lib.DES3_stop_operation
+
+    cipher = VoidPointer()
+    result = start_operation(key,
+                             c_size_t(len(key)),
+                             cipher.address_of())
+    if result:
+        raise ValueError("Error %X while instantiating the TDES cipher"
+                         % result)
+    return SmartPointer(cipher.get(), stop_operation)
+
+
+def new(key, mode, *args, **kwargs):
+    """Create a new Triple DES cipher.
+
+    :param key:
+        The secret key to use in the symmetric cipher.
+        It must be 16 or 24 byte long. The parity bits will be ignored.
+    :type key: bytes/bytearray/memoryview
+
+    :param mode:
+        The chaining mode to use for encryption or decryption.
+    :type mode: One of the supported ``MODE_*`` constants
+
+    :Keyword Arguments:
+        *   **iv** (*bytes*, *bytearray*, *memoryview*) --
+            (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
+            and ``MODE_OPENPGP`` modes).
+
+            The initialization vector to use for encryption or decryption.
+
+            For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 8 bytes long.
+
+            For ``MODE_OPENPGP`` mode only,
+            it must be 8 bytes long for encryption
+            and 10 bytes for decryption (in the latter case, it is
+            actually the *encrypted* IV which was prefixed to the ciphertext).
+
+            If not provided, a random byte string is generated (you must then
+            read its value with the :attr:`iv` attribute).
+
+        *   **nonce** (*bytes*, *bytearray*, *memoryview*) --
+            (Only applicable for ``MODE_EAX`` and ``MODE_CTR``).
+
+            A value that must never be reused for any other encryption done
+            with this key.
+
+            For ``MODE_EAX`` there are no
+            restrictions on its length (recommended: **16** bytes).
+
+            For ``MODE_CTR``, its length must be in the range **[0..7]**.
+
+            If not provided for ``MODE_EAX``, a random byte string is generated (you
+            can read it back via the ``nonce`` attribute).
+
+        *   **segment_size** (*integer*) --
+            (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
+            are segmented in. It must be a multiple of 8.
+            If not specified, it will be assumed to be 8.
+
+        *   **mac_len** : (*integer*) --
+            (Only ``MODE_EAX``)
+            Length of the authentication tag, in bytes.
+            It must be no longer than 8 (default).
+
+        *   **initial_value** : (*integer*) --
+            (Only ``MODE_CTR``). The initial value for the counter within
+            the counter block. By default it is **0**.
+
+    :Return: a Triple DES object, of the applicable mode.
+    """
+
+    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
+
+MODE_ECB = 1
+MODE_CBC = 2
+MODE_CFB = 3
+MODE_OFB = 5
+MODE_CTR = 6
+MODE_OPENPGP = 7
+MODE_EAX = 9
+
+# Size of a data block (in bytes)
+block_size = 8
+# Size of a key (in bytes)
+key_size = (16, 24)

venv/lib/python3.8/site-packages/Cryptodome/Cipher/DES3.pyi

+from typing import Union, Dict, Tuple
+
+from Cryptodome.Cipher._mode_ecb import EcbMode
+from Cryptodome.Cipher._mode_cbc import CbcMode
+from Cryptodome.Cipher._mode_cfb import CfbMode
+from Cryptodome.Cipher._mode_ofb import OfbMode
+from Cryptodome.Cipher._mode_ctr import CtrMode
+from Cryptodome.Cipher._mode_openpgp import OpenPgpMode
+from Cryptodome.Cipher._mode_eax import EaxMode
+
+def adjust_key_parity(key_in: bytes) -> bytes: ...
+
+DES3Mode = int
+
+MODE_ECB: DES3Mode
+MODE_CBC: DES3Mode
+MODE_CFB: DES3Mode
+MODE_OFB: DES3Mode
+MODE_CTR: DES3Mode
+MODE_OPENPGP: DES3Mode
+MODE_EAX: DES3Mode
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+def new(key: Buffer,
+        mode: DES3Mode,
+        iv : Buffer = ...,
+        IV : Buffer = ...,
+        nonce : Buffer = ...,
+        segment_size : int = ...,
+        mac_len : int = ...,
+        initial_value : Union[int, Buffer] = ...,
+        counter : Dict = ...) -> \
+        Union[EcbMode, CbcMode, CfbMode, OfbMode, CtrMode, OpenPgpMode]: ...
+
+block_size: int
+key_size: Tuple[int, int]

venv/lib/python3.8/site-packages/Cryptodome/Cipher/PKCS1_OAEP.py

+# -*- coding: utf-8 -*-
+#
+#  Cipher/PKCS1_OAEP.py : PKCS#1 OAEP
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+from Cryptodome.Signature.pss import MGF1
+import Cryptodome.Hash.SHA1
+
+from Cryptodome.Util.py3compat import bord, _copy_bytes
+import Cryptodome.Util.number
+from   Cryptodome.Util.number import ceil_div, bytes_to_long, long_to_bytes
+from   Cryptodome.Util.strxor import strxor
+from Cryptodome import Random
+
+class PKCS1OAEP_Cipher:
+    """Cipher object for PKCS#1 v1.5 OAEP.
+    Do not create directly: use :func:`new` instead."""
+
+    def __init__(self, key, hashAlgo, mgfunc, label, randfunc):
+        """Initialize this PKCS#1 OAEP cipher object.
+
+        :Parameters:
+         key : an RSA key object
+                If a private half is given, both encryption and decryption are possible.
+                If a public half is given, only encryption is possible.
+         hashAlgo : hash object
+                The hash function to use. This can be a module under `Cryptodome.Hash`
+                or an existing hash object created from any of such modules. If not specified,
+                `Cryptodome.Hash.SHA1` is used.
+         mgfunc : callable
+                A mask generation function that accepts two parameters: a string to
+                use as seed, and the lenth of the mask to generate, in bytes.
+                If not specified, the standard MGF1 consistent with ``hashAlgo`` is used (a safe choice).
+         label : bytes/bytearray/memoryview
+                A label to apply to this particular encryption. If not specified,
+                an empty string is used. Specifying a label does not improve
+                security.
+         randfunc : callable
+                A function that returns random bytes.
+
+        :attention: Modify the mask generation function only if you know what you are doing.
+                    Sender and receiver must use the same one.
+        """
+        self._key = key
+
+        if hashAlgo:
+            self._hashObj = hashAlgo
+        else:
+            self._hashObj = Cryptodome.Hash.SHA1
+
+        if mgfunc:
+            self._mgf = mgfunc
+        else:
+            self._mgf = lambda x,y: MGF1(x,y,self._hashObj)
+
+        self._label = _copy_bytes(None, None, label)
+        self._randfunc = randfunc
+
+    def can_encrypt(self):
+        """Legacy function to check if you can call :meth:`encrypt`.
+
+        .. deprecated:: 3.0"""
+        return self._key.can_encrypt()
+
+    def can_decrypt(self):
+        """Legacy function to check if you can call :meth:`decrypt`.
+
+        .. deprecated:: 3.0"""
+        return self._key.can_decrypt()
+
+    def encrypt(self, message):
+        """Encrypt a message with PKCS#1 OAEP.
+
+        :param message:
+            The message to encrypt, also known as plaintext. It can be of
+            variable length, but not longer than the RSA modulus (in bytes)
+            minus 2, minus twice the hash output size.
+            For instance, if you use RSA 2048 and SHA-256, the longest message
+            you can encrypt is 190 byte long.
+        :type message: bytes/bytearray/memoryview
+
+        :returns: The ciphertext, as large as the RSA modulus.
+        :rtype: bytes
+
+        :raises ValueError:
+            if the message is too long.
+        """
+
+        # See 7.1.1 in RFC3447
+        modBits = Cryptodome.Util.number.size(self._key.n)
+        k = ceil_div(modBits, 8) # Convert from bits to bytes
+        hLen = self._hashObj.digest_size
+        mLen = len(message)
+
+        # Step 1b
+        ps_len = k - mLen - 2 * hLen - 2
+        if ps_len < 0:
+            raise ValueError("Plaintext is too long.")
+        # Step 2a
+        lHash = self._hashObj.new(self._label).digest()
+        # Step 2b
+        ps = b'\x00' * ps_len
+        # Step 2c
+        db = lHash + ps + b'\x01' + _copy_bytes(None, None, message)
+        # Step 2d
+        ros = self._randfunc(hLen)
+        # Step 2e
+        dbMask = self._mgf(ros, k-hLen-1)
+        # Step 2f
+        maskedDB = strxor(db, dbMask)
+        # Step 2g
+        seedMask = self._mgf(maskedDB, hLen)
+        # Step 2h
+        maskedSeed = strxor(ros, seedMask)
+        # Step 2i
+        em = b'\x00' + maskedSeed + maskedDB
+        # Step 3a (OS2IP)
+        em_int = bytes_to_long(em)
+        # Step 3b (RSAEP)
+        m_int = self._key._encrypt(em_int)
+        # Step 3c (I2OSP)
+        c = long_to_bytes(m_int, k)
+        return c
+
+    def decrypt(self, ciphertext):
+        """Decrypt a message with PKCS#1 OAEP.
+
+        :param ciphertext: The encrypted message.
+        :type ciphertext: bytes/bytearray/memoryview
+
+        :returns: The original message (plaintext).
+        :rtype: bytes
+
+        :raises ValueError:
+            if the ciphertext has the wrong length, or if decryption
+            fails the integrity check (in which case, the decryption
+            key is probably wrong).
+        :raises TypeError:
+            if the RSA key has no private half (i.e. you are trying
+            to decrypt using a public key).
+        """
+
+        # See 7.1.2 in RFC3447
+        modBits = Cryptodome.Util.number.size(self._key.n)
+        k = ceil_div(modBits,8) # Convert from bits to bytes
+        hLen = self._hashObj.digest_size
+
+        # Step 1b and 1c
+        if len(ciphertext) != k or k<hLen+2:
+            raise ValueError("Ciphertext with incorrect length.")
+        # Step 2a (O2SIP)
+        ct_int = bytes_to_long(ciphertext)
+        # Step 2b (RSADP)
+        m_int = self._key._decrypt(ct_int)
+        # Complete step 2c (I2OSP)
+        em = long_to_bytes(m_int, k)
+        # Step 3a
+        lHash = self._hashObj.new(self._label).digest()
+        # Step 3b
+        y = em[0]
+        # y must be 0, but we MUST NOT check it here in order not to
+        # allow attacks like Manger's (http://dl.acm.org/citation.cfm?id=704143)
+        maskedSeed = em[1:hLen+1]
+        maskedDB = em[hLen+1:]
+        # Step 3c
+        seedMask = self._mgf(maskedDB, hLen)
+        # Step 3d
+        seed = strxor(maskedSeed, seedMask)
+        # Step 3e
+        dbMask = self._mgf(seed, k-hLen-1)
+        # Step 3f
+        db = strxor(maskedDB, dbMask)
+        # Step 3g
+        one_pos = hLen + db[hLen:].find(b'\x01')
+        lHash1 = db[:hLen]
+        invalid = bord(y) | int(one_pos < hLen)
+        hash_compare = strxor(lHash1, lHash)
+        for x in hash_compare:
+            invalid |= bord(x)
+        for x in db[hLen:one_pos]:
+            invalid |= bord(x)
+        if invalid != 0:
+            raise ValueError("Incorrect decryption.")
+        # Step 4
+        return db[one_pos + 1:]
+
+def new(key, hashAlgo=None, mgfunc=None, label=b'', randfunc=None):
+    """Return a cipher object :class:`PKCS1OAEP_Cipher` that can be used to perform PKCS#1 OAEP encryption or decryption.
+
+    :param key:
+      The key object to use to encrypt or decrypt the message.
+      Decryption is only possible with a private RSA key.
+    :type key: RSA key object
+
+    :param hashAlgo:
+      The hash function to use. This can be a module under `Cryptodome.Hash`
+      or an existing hash object created from any of such modules.
+      If not specified, `Cryptodome.Hash.SHA1` is used.
+    :type hashAlgo: hash object
+
+    :param mgfunc:
+      A mask generation function that accepts two parameters: a string to
+      use as seed, and the lenth of the mask to generate, in bytes.
+      If not specified, the standard MGF1 consistent with ``hashAlgo`` is used (a safe choice).
+    :type mgfunc: callable
+
+    :param label:
+      A label to apply to this particular encryption. If not specified,
+      an empty string is used. Specifying a label does not improve
+      security.
+    :type label: bytes/bytearray/memoryview
+
+    :param randfunc:
+      A function that returns random bytes.
+      The default is `Random.get_random_bytes`.
+    :type randfunc: callable
+    """
+
+    if randfunc is None:
+        randfunc = Random.get_random_bytes
+    return PKCS1OAEP_Cipher(key, hashAlgo, mgfunc, label, randfunc)
+

venv/lib/python3.8/site-packages/Cryptodome/Cipher/PKCS1_OAEP.pyi

+from typing import Optional, Union, Callable, Any, overload
+from typing_extensions import Protocol
+
+from Cryptodome.PublicKey.RSA import RsaKey
+
+class HashLikeClass(Protocol):
+    digest_size : int
+    def new(self, data: Optional[bytes] = ...) -> Any: ...
+
+class HashLikeModule(Protocol):
+    digest_size : int
+    @staticmethod
+    def new(data: Optional[bytes] = ...) -> Any: ...
+
+HashLike = Union[HashLikeClass, HashLikeModule]
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+class PKCS1OAEP_Cipher:
+    def __init__(self,
+                 key: RsaKey,
+                 hashAlgo: HashLike,
+                 mgfunc: Callable[[bytes, int], bytes],
+                 label: Buffer,
+                 randfunc: Callable[[int], bytes]) -> None: ...
+    def can_encrypt(self) -> bool: ...
+    def can_decrypt(self) -> bool: ...
+    def encrypt(self, message: Buffer) -> bytes: ...
+    def decrypt(self, ciphertext: Buffer) -> bytes: ...
+
+def new(key: RsaKey,
+        hashAlgo: Optional[HashLike] = ...,
+        mgfunc: Optional[Callable[[bytes, int], bytes]] = ...,
+        label: Optional[Buffer] = ...,
+        randfunc: Optional[Callable[[int], bytes]] = ...) -> PKCS1OAEP_Cipher: ...

venv/lib/python3.8/site-packages/Cryptodome/Cipher/PKCS1_v1_5.py

+# -*- coding: utf-8 -*-
+#
+#  Cipher/PKCS1-v1_5.py : PKCS#1 v1.5
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+__all__ = ['new', 'PKCS115_Cipher']
+
+from Cryptodome import Random
+from Cryptodome.Util.number import bytes_to_long, long_to_bytes
+from Cryptodome.Util.py3compat import bord, is_bytes, _copy_bytes
+
+from Cryptodome.Util._raw_api import (load_pycryptodome_raw_lib, c_size_t,
+                                  c_uint8_ptr)
+
+
+_raw_pkcs1_decode = load_pycryptodome_raw_lib("Cryptodome.Cipher._pkcs1_decode",
+                        """
+                        int pkcs1_decode(const uint8_t *em, size_t len_em,
+                                         const uint8_t *sentinel, size_t len_sentinel,
+                                         size_t expected_pt_len,
+                                         uint8_t *output);
+                        """)
+
+
+def _pkcs1_decode(em, sentinel, expected_pt_len, output):
+    if len(em) != len(output):
+        raise ValueError("Incorrect output length")
+
+    ret = _raw_pkcs1_decode.pkcs1_decode(c_uint8_ptr(em),
+                                         c_size_t(len(em)),
+                                         c_uint8_ptr(sentinel),
+                                         c_size_t(len(sentinel)),
+                                         c_size_t(expected_pt_len),
+                                         c_uint8_ptr(output))
+    return ret
+
+
+class PKCS115_Cipher:
+    """This cipher can perform PKCS#1 v1.5 RSA encryption or decryption.
+    Do not instantiate directly. Use :func:`Cryptodome.Cipher.PKCS1_v1_5.new` instead."""
+
+    def __init__(self, key, randfunc):
+        """Initialize this PKCS#1 v1.5 cipher object.
+
+        :Parameters:
+         key : an RSA key object
+          If a private half is given, both encryption and decryption are possible.
+          If a public half is given, only encryption is possible.
+         randfunc : callable
+          Function that returns random bytes.
+        """
+
+        self._key = key
+        self._randfunc = randfunc
+
+    def can_encrypt(self):
+        """Return True if this cipher object can be used for encryption."""
+        return self._key.can_encrypt()
+
+    def can_decrypt(self):
+        """Return True if this cipher object can be used for decryption."""
+        return self._key.can_decrypt()
+
+    def encrypt(self, message):
+        """Produce the PKCS#1 v1.5 encryption of a message.
+
+        This function is named ``RSAES-PKCS1-V1_5-ENCRYPT``, and it is specified in
+        `section 7.2.1 of RFC8017
+        <https://tools.ietf.org/html/rfc8017#page-28>`_.
+
+        :param message:
+            The message to encrypt, also known as plaintext. It can be of
+            variable length, but not longer than the RSA modulus (in bytes) minus 11.
+        :type message: bytes/bytearray/memoryview
+
+        :Returns: A byte string, the ciphertext in which the message is encrypted.
+            It is as long as the RSA modulus (in bytes).
+
+        :Raises ValueError:
+            If the RSA key length is not sufficiently long to deal with the given
+            message.
+        """
+
+        # See 7.2.1 in RFC8017
+        k = self._key.size_in_bytes()
+        mLen = len(message)
+
+        # Step 1
+        if mLen > k - 11:
+            raise ValueError("Plaintext is too long.")
+        # Step 2a
+        ps = []
+        while len(ps) != k - mLen - 3:
+            new_byte = self._randfunc(1)
+            if bord(new_byte[0]) == 0x00:
+                continue
+            ps.append(new_byte)
+        ps = b"".join(ps)
+        assert(len(ps) == k - mLen - 3)
+        # Step 2b
+        em = b'\x00\x02' + ps + b'\x00' + _copy_bytes(None, None, message)
+        # Step 3a (OS2IP)
+        em_int = bytes_to_long(em)
+        # Step 3b (RSAEP)
+        m_int = self._key._encrypt(em_int)
+        # Step 3c (I2OSP)
+        c = long_to_bytes(m_int, k)
+        return c
+
+    def decrypt(self, ciphertext, sentinel, expected_pt_len=0):
+        r"""Decrypt a PKCS#1 v1.5 ciphertext.
+
+        This is the function ``RSAES-PKCS1-V1_5-DECRYPT`` specified in
+        `section 7.2.2 of RFC8017
+        <https://tools.ietf.org/html/rfc8017#page-29>`_.
+
+        Args:
+          ciphertext (bytes/bytearray/memoryview):
+            The ciphertext that contains the message to recover.
+          sentinel (any type):
+            The object to return whenever an error is detected.
+          expected_pt_len (integer):
+            The length the plaintext is known to have, or 0 if unknown.
+
+        Returns (byte string):
+            It is either the original message or the ``sentinel`` (in case of an error).
+
+        .. warning::
+            PKCS#1 v1.5 decryption is intrinsically vulnerable to timing
+            attacks (see `Bleichenbacher's`__ attack).
+            **Use PKCS#1 OAEP instead**.
+
+            This implementation attempts to mitigate the risk
+            with some constant-time constructs.
+            However, they are not sufficient by themselves: the type of protocol you
+            implement and the way you handle errors make a big difference.
+
+            Specifically, you should make it very hard for the (malicious)
+            party that submitted the ciphertext to quickly understand if decryption
+            succeeded or not.
+
+            To this end, it is recommended that your protocol only encrypts
+            plaintexts of fixed length (``expected_pt_len``),
+            that ``sentinel`` is a random byte string of the same length,
+            and that processing continues for as long
+            as possible even if ``sentinel`` is returned (i.e. in case of
+            incorrect decryption).
+
+            .. __: https://dx.doi.org/10.1007/BFb0055716
+        """
+
+        # See 7.2.2 in RFC8017
+        k = self._key.size_in_bytes()
+
+        # Step 1
+        if len(ciphertext) != k:
+            raise ValueError("Ciphertext with incorrect length (not %d bytes)" % k)
+
+        # Step 2a (O2SIP)
+        ct_int = bytes_to_long(ciphertext)
+
+        # Step 2b (RSADP)
+        m_int = self._key._decrypt(ct_int)
+
+        # Complete step 2c (I2OSP)
+        em = long_to_bytes(m_int, k)
+
+        # Step 3 (not constant time when the sentinel is not a byte string)
+        output = bytes(bytearray(k))
+        if not is_bytes(sentinel) or len(sentinel) > k:
+            size = _pkcs1_decode(em, b'', expected_pt_len, output)
+            if size < 0:
+                return sentinel
+            else:
+                return output[size:]
+
+        # Step 3 (somewhat constant time)
+        size = _pkcs1_decode(em, sentinel, expected_pt_len, output)
+        return output[size:]
+
+
+def new(key, randfunc=None):
+    """Create a cipher for performing PKCS#1 v1.5 encryption or decryption.
+
+    :param key:
+      The key to use to encrypt or decrypt the message. This is a `Cryptodome.PublicKey.RSA` object.
+      Decryption is only possible if *key* is a private RSA key.
+    :type key: RSA key object
+
+    :param randfunc:
+      Function that return random bytes.
+      The default is :func:`Cryptodome.Random.get_random_bytes`.
+    :type randfunc: callable
+
+    :returns: A cipher object `PKCS115_Cipher`.
+    """
+
+    if randfunc is None:
+        randfunc = Random.get_random_bytes
+    return PKCS115_Cipher(key, randfunc)

venv/lib/python3.8/site-packages/Cryptodome/Cipher/PKCS1_v1_5.pyi

+from typing import Callable, Union, Any, Optional, TypeVar
+
+from Cryptodome.PublicKey.RSA import RsaKey
+
+Buffer = Union[bytes, bytearray, memoryview]
+T = TypeVar('T')
+
+class PKCS115_Cipher:
+    def __init__(self,
+                 key: RsaKey,
+                 randfunc: Callable[[int], bytes]) -> None: ...
+    def can_encrypt(self) -> bool: ...
+    def can_decrypt(self) -> bool: ...
+    def encrypt(self, message: Buffer) -> bytes: ...
+    def decrypt(self, ciphertext: Buffer,
+                sentinel: T,
+                expected_pt_len: Optional[int] = ...) -> Union[bytes, T]: ...
+
+def new(key: RsaKey,
+        randfunc: Optional[Callable[[int], bytes]] = ...) -> PKCS115_Cipher: ...

venv/lib/python3.8/site-packages/Cryptodome/Cipher/Salsa20.py

+# -*- coding: utf-8 -*-
+#
+# Cipher/Salsa20.py : Salsa20 stream cipher (http://cr.yp.to/snuffle.html)
+#
+# Contributed by Fabrizio Tarizzo <fabrizio@fabriziotarizzo.org>.
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+from Cryptodome.Util.py3compat import _copy_bytes
+from Cryptodome.Util._raw_api import (load_pycryptodome_raw_lib,
+                                  create_string_buffer,
+                                  get_raw_buffer, VoidPointer,
+                                  SmartPointer, c_size_t,
+                                  c_uint8_ptr, is_writeable_buffer)
+
+from Cryptodome.Random import get_random_bytes
+
+_raw_salsa20_lib = load_pycryptodome_raw_lib("Cryptodome.Cipher._Salsa20",
+                    """
+                    int Salsa20_stream_init(uint8_t *key, size_t keylen,
+                                            uint8_t *nonce, size_t nonce_len,
+                                            void **pSalsaState);
+                    int Salsa20_stream_destroy(void *salsaState);
+                    int Salsa20_stream_encrypt(void *salsaState,
+                                               const uint8_t in[],
+                                               uint8_t out[], size_t len);
+                    """)
+
+
+class Salsa20Cipher:
+    """Salsa20 cipher object. Do not create it directly. Use :py:func:`new`
+    instead.
+
+    :var nonce: The nonce with length 8
+    :vartype nonce: byte string
+    """
+
+    def __init__(self, key, nonce):
+        """Initialize a Salsa20 cipher object
+
+        See also `new()` at the module level."""
+
+        if len(key) not in key_size:
+            raise ValueError("Incorrect key length for Salsa20 (%d bytes)" % len(key))
+
+        if len(nonce) != 8:
+            raise ValueError("Incorrect nonce length for Salsa20 (%d bytes)" %
+                             len(nonce))
+
+        self.nonce = _copy_bytes(None, None, nonce)
+
+        self._state = VoidPointer()
+        result = _raw_salsa20_lib.Salsa20_stream_init(
+                        c_uint8_ptr(key),
+                        c_size_t(len(key)),
+                        c_uint8_ptr(nonce),
+                        c_size_t(len(nonce)),
+                        self._state.address_of())
+        if result:
+            raise ValueError("Error %d instantiating a Salsa20 cipher")
+        self._state = SmartPointer(self._state.get(),
+                                   _raw_salsa20_lib.Salsa20_stream_destroy)
+
+        self.block_size = 1
+        self.key_size = len(key)
+
+    def encrypt(self, plaintext, output=None):
+        """Encrypt a piece of data.
+
+        Args:
+          plaintext(bytes/bytearray/memoryview): The data to encrypt, of any size.
+        Keyword Args:
+          output(bytes/bytearray/memoryview): The location where the ciphertext
+            is written to. If ``None``, the ciphertext is returned.
+        Returns:
+          If ``output`` is ``None``, the ciphertext is returned as ``bytes``.
+          Otherwise, ``None``.
+        """
+        
+        if output is None:
+            ciphertext = create_string_buffer(len(plaintext))
+        else:
+            ciphertext = output
+           
+            if not is_writeable_buffer(output):
+                raise TypeError("output must be a bytearray or a writeable memoryview")
+        
+            if len(plaintext) != len(output):
+                raise ValueError("output must have the same length as the input"
+                                 "  (%d bytes)" % len(plaintext))
+
+        result = _raw_salsa20_lib.Salsa20_stream_encrypt(
+                                         self._state.get(),
+                                         c_uint8_ptr(plaintext),
+                                         c_uint8_ptr(ciphertext),
+                                         c_size_t(len(plaintext)))
+        if result:
+            raise ValueError("Error %d while encrypting with Salsa20" % result)
+
+        if output is None:
+            return get_raw_buffer(ciphertext)
+        else:
+            return None
+
+    def decrypt(self, ciphertext, output=None):
+        """Decrypt a piece of data.
+        
+        Args:
+          ciphertext(bytes/bytearray/memoryview): The data to decrypt, of any size.
+        Keyword Args:
+          output(bytes/bytearray/memoryview): The location where the plaintext
+            is written to. If ``None``, the plaintext is returned.
+        Returns:
+          If ``output`` is ``None``, the plaintext is returned as ``bytes``.
+          Otherwise, ``None``.
+        """
+
+        try:
+            return self.encrypt(ciphertext, output=output)
+        except ValueError as e:
+            raise ValueError(str(e).replace("enc", "dec"))
+
+
+def new(key, nonce=None):
+    """Create a new Salsa20 cipher
+
+    :keyword key: The secret key to use. It must be 16 or 32 bytes long.
+    :type key: bytes/bytearray/memoryview
+
+    :keyword nonce:
+        A value that must never be reused for any other encryption
+        done with this key. It must be 8 bytes long.
+
+        If not provided, a random byte string will be generated (you can read
+        it back via the ``nonce`` attribute of the returned object).
+    :type nonce: bytes/bytearray/memoryview
+
+    :Return: a :class:`Cryptodome.Cipher.Salsa20.Salsa20Cipher` object
+    """
+
+    if nonce is None:
+        nonce = get_random_bytes(8)
+
+    return Salsa20Cipher(key, nonce)
+
+# Size of a data block (in bytes)
+block_size = 1
+
+# Size of a key (in bytes)
+key_size = (16, 32)
+

venv/lib/python3.8/site-packages/Cryptodome/Cipher/Salsa20.pyi

+from typing import Union, Tuple, Optional, overload
+
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+class Salsa20Cipher:
+    nonce: bytes
+    block_size: int
+    key_size: int
+
+    def __init__(self,
+                 key: Buffer,
+                 nonce: Buffer) -> None: ...
+    @overload
+    def encrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def encrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    @overload
+    def decrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def decrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+
+def new(key: Buffer, nonce: Optional[Buffer] = ...) -> Salsa20Cipher: ...
+
+block_size: int
+key_size: Tuple[int, int]
+

venv/lib/python3.8/site-packages/Cryptodome/Cipher/_EKSBlowfish.py

+# ===================================================================
+#
+# Copyright (c) 2019, Legrandin <helderijs@gmail.com>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+# ===================================================================
+
+import sys
+
+from Cryptodome.Cipher import _create_cipher
+from Cryptodome.Util._raw_api import (load_pycryptodome_raw_lib,
+                                  VoidPointer, SmartPointer, c_size_t,
+                                  c_uint8_ptr, c_uint)
+
+_raw_blowfish_lib = load_pycryptodome_raw_lib(
+        "Cryptodome.Cipher._raw_eksblowfish",
+        """
+        int EKSBlowfish_start_operation(const uint8_t key[],
+                                        size_t key_len,
+                                        const uint8_t salt[16],
+                                        size_t salt_len,
+                                        unsigned cost,
+                                        unsigned invert,
+                                        void **pResult);
+        int EKSBlowfish_encrypt(const void *state,
+                                const uint8_t *in,
+                                uint8_t *out,
+                                size_t data_len);
+        int EKSBlowfish_decrypt(const void *state,
+                                const uint8_t *in,
+                                uint8_t *out,
+                                size_t data_len);
+        int EKSBlowfish_stop_operation(void *state);
+        """
+        )
+
+
+def _create_base_cipher(dict_parameters):
+    """This method instantiates and returns a smart pointer to
+    a low-level base cipher. It will absorb named parameters in
+    the process."""
+
+    try:
+        key = dict_parameters.pop("key")
+        salt = dict_parameters.pop("salt")
+        cost = dict_parameters.pop("cost")
+    except KeyError as e:
+        raise TypeError("Missing EKSBlowfish parameter: " + str(e))
+    invert = dict_parameters.pop("invert", True)
+
+    if len(key) not in key_size:
+        raise ValueError("Incorrect EKSBlowfish key length (%d bytes)" % len(key))
+
+    start_operation = _raw_blowfish_lib.EKSBlowfish_start_operation
+    stop_operation = _raw_blowfish_lib.EKSBlowfish_stop_operation
+
+    void_p = VoidPointer()
+    result = start_operation(c_uint8_ptr(key),
+                             c_size_t(len(key)),
+                             c_uint8_ptr(salt),
+                             c_size_t(len(salt)),
+                             c_uint(cost),
+                             c_uint(int(invert)),
+                             void_p.address_of())
+    if result:
+        raise ValueError("Error %X while instantiating the EKSBlowfish cipher"
+                         % result)
+    return SmartPointer(void_p.get(), stop_operation)
+
+
+def new(key, mode, salt, cost, invert):
+    """Create a new EKSBlowfish cipher
+    
+    Args:
+
+      key (bytes, bytearray, memoryview):
+        The secret key to use in the symmetric cipher.
+        Its length can vary from 0 to 72 bytes.
+
+      mode (one of the supported ``MODE_*`` constants):
+        The chaining mode to use for encryption or decryption.
+
+      salt (bytes, bytearray, memoryview):
+        The salt that bcrypt uses to thwart rainbow table attacks
+
+      cost (integer):
+        The complexity factor in bcrypt
+
+      invert (bool):
+        If ``False``, in the inner loop use ``ExpandKey`` first over the salt
+        and then over the key, as defined in
+        the `original bcrypt specification <https://www.usenix.org/legacy/events/usenix99/provos/provos_html/node4.html>`_.
+        If ``True``, reverse the order, as in the first implementation of
+        `bcrypt` in OpenBSD.
+
+    :Return: an EKSBlowfish object
+    """
+
+    kwargs = { 'salt':salt, 'cost':cost, 'invert':invert }
+    return _create_cipher(sys.modules[__name__], key, mode, **kwargs)
+
+
+MODE_ECB = 1
+
+# Size of a data block (in bytes)
+block_size = 8
+# Size of a key (in bytes)
+key_size = range(0, 72 + 1)

venv/lib/python3.8/site-packages/Cryptodome/Cipher/_EKSBlowfish.pyi

+from typing import Union, Iterable
+
+from Cryptodome.Cipher._mode_ecb import EcbMode
+
+MODE_ECB: int
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+def new(key: Buffer,
+        mode: int,
+	salt: Buffer,
+	cost: int) -> EcbMode: ...
+
+block_size: int
+key_size: Iterable[int]

venv/lib/python3.8/site-packages/Cryptodome/Cipher/__init__.py

+#
+# A block cipher is instantiated as a combination of:
+# 1. A base cipher (such as AES)
+# 2. A mode of operation (such as CBC)
+#
+# Both items are implemented as C modules.
+#
+# The API of #1 is (replace "AES" with the name of the actual cipher):
+# - AES_start_operaion(key) --> base_cipher_state
+# - AES_encrypt(base_cipher_state, in, out, length)
+# - AES_decrypt(base_cipher_state, in, out, length)
+# - AES_stop_operation(base_cipher_state)
+#
+# Where base_cipher_state is AES_State, a struct with BlockBase (set of
+# pointers to encrypt/decrypt/stop) followed by cipher-specific data.
+#
+# The API of #2 is (replace "CBC" with the name of the actual mode):
+# - CBC_start_operation(base_cipher_state) --> mode_state
+# - CBC_encrypt(mode_state, in, out, length)
+# - CBC_decrypt(mode_state, in, out, length)
+# - CBC_stop_operation(mode_state)
+#
+# where mode_state is a a pointer to base_cipher_state plus mode-specific data.
+
+import os
+
+from Cryptodome.Cipher._mode_ecb import _create_ecb_cipher
+from Cryptodome.Cipher._mode_cbc import _create_cbc_cipher
+from Cryptodome.Cipher._mode_cfb import _create_cfb_cipher
+from Cryptodome.Cipher._mode_ofb import _create_ofb_cipher
+from Cryptodome.Cipher._mode_ctr import _create_ctr_cipher
+from Cryptodome.Cipher._mode_openpgp import _create_openpgp_cipher
+from Cryptodome.Cipher._mode_ccm import _create_ccm_cipher
+from Cryptodome.Cipher._mode_eax import _create_eax_cipher
+from Cryptodome.Cipher._mode_siv import _create_siv_cipher
+from Cryptodome.Cipher._mode_gcm import _create_gcm_cipher
+from Cryptodome.Cipher._mode_ocb import _create_ocb_cipher
+
+_modes = { 1:_create_ecb_cipher,
+           2:_create_cbc_cipher,
+           3:_create_cfb_cipher,
+           5:_create_ofb_cipher,
+           6:_create_ctr_cipher,
+           7:_create_openpgp_cipher,
+           9:_create_eax_cipher
+           }
+
+_extra_modes = { 8:_create_ccm_cipher,
+                10:_create_siv_cipher,
+                11:_create_gcm_cipher,
+                12:_create_ocb_cipher
+                }
+
+def _create_cipher(factory, key, mode, *args, **kwargs):
+
+    kwargs["key"] = key
+
+    modes = dict(_modes)
+    if kwargs.pop("add_aes_modes", False):
+        modes.update(_extra_modes)
+    if not mode in modes:
+        raise ValueError("Mode not supported")
+
+    if args:
+        if mode in (8, 9, 10, 11, 12):
+            if len(args) > 1:
+                raise TypeError("Too many arguments for this mode")
+            kwargs["nonce"] = args[0]
+        elif mode in (2, 3, 5, 7):
+            if len(args) > 1:
+                raise TypeError("Too many arguments for this mode")
+            kwargs["IV"] = args[0]
+        elif mode == 6:
+            if len(args) > 0:
+                raise TypeError("Too many arguments for this mode")
+        elif mode == 1:
+            raise TypeError("IV is not meaningful for the ECB mode")
+
+    return modes[mode](factory, **kwargs)

venv/lib/python3.8/site-packages/Cryptodome/Cipher/_mode_cbc.pyi

+from typing import Union, overload
+
+from Cryptodome.Util._raw_api import SmartPointer
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+__all__ = ['CbcMode']
+
+class CbcMode(object):
+    block_size: int
+    iv: Buffer
+    IV: Buffer
+
+    def __init__(self,
+                 block_cipher: SmartPointer,
+                 iv: Buffer) -> None: ...
+    @overload
+    def encrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def encrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    @overload
+    def decrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def decrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+

venv/lib/python3.8/site-packages/Cryptodome/Cipher/_mode_ccm.pyi

+from types import ModuleType
+from typing import Union, overload, Dict, Tuple, Optional
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+__all__ = ['CcmMode']
+
+class CcmMode(object):
+    block_size: int
+    nonce: bytes
+
+    def __init__(self,
+                 factory: ModuleType,
+                 key: Buffer,
+                 nonce: Buffer,
+                 mac_len: int,
+                 msg_len: int,
+                 assoc_len: int,
+                 cipher_params: Dict) -> None: ...
+    
+    def update(self, assoc_data: Buffer) -> CcmMode: ...
+
+    @overload
+    def encrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def encrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    @overload
+    def decrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def decrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+
+    def digest(self) -> bytes: ...
+    def hexdigest(self) -> str: ...
+    def verify(self, received_mac_tag: Buffer) -> None: ...
+    def hexverify(self, hex_mac_tag: str) -> None: ...
+
+    @overload
+    def encrypt_and_digest(self,
+                           plaintext: Buffer) -> Tuple[bytes, bytes]: ...
+    @overload
+    def encrypt_and_digest(self,
+                           plaintext: Buffer,
+                           output: Buffer) -> Tuple[None, bytes]: ...
+    def decrypt_and_verify(self,
+                           ciphertext: Buffer,
+                           received_mac_tag: Buffer,
+                           output: Optional[Union[bytearray, memoryview]] = ...) -> bytes: ...

venv/lib/python3.8/site-packages/Cryptodome/Cipher/_mode_cfb.pyi

+from typing import Union, overload
+
+from Cryptodome.Util._raw_api import SmartPointer
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+__all__ = ['CfbMode']
+
+
+class CfbMode(object):
+    block_size: int
+    iv: Buffer
+    IV: Buffer
+    
+    def __init__(self,
+                 block_cipher: SmartPointer,
+                 iv: Buffer,
+                 segment_size: int) -> None: ...
+    @overload
+    def encrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def encrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    @overload
+    def decrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def decrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...

venv/lib/python3.8/site-packages/Cryptodome/Cipher/_mode_ctr.pyi

+from typing import Union, overload
+
+from Cryptodome.Util._raw_api import SmartPointer
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+__all__ = ['CtrMode']
+
+class CtrMode(object):
+    block_size: int
+    nonce: bytes
+
+    def __init__(self,
+                 block_cipher: SmartPointer,
+                 initial_counter_block: Buffer,
+                 prefix_len: int,
+                 counter_len: int,
+                 little_endian: bool) -> None: ...
+    @overload
+    def encrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def encrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    @overload
+    def decrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def decrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+

venv/lib/python3.8/site-packages/Cryptodome/Cipher/_mode_eax.pyi

+from types import ModuleType
+from typing import Any, Union, Tuple, Dict, overload, Optional
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+__all__ = ['EaxMode']
+
+class EaxMode(object):
+    block_size: int
+    nonce: bytes
+    
+    def __init__(self,
+                 factory: ModuleType,
+                 key: Buffer,
+                 nonce: Buffer,
+                 mac_len: int,
+                 cipher_params: Dict) -> None: ...
+    
+    def update(self, assoc_data: Buffer) -> EaxMode: ...
+
+    @overload
+    def encrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def encrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    @overload
+    def decrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def decrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+
+    def digest(self) -> bytes: ...
+    def hexdigest(self) -> str: ...
+    def verify(self, received_mac_tag: Buffer) -> None: ...
+    def hexverify(self, hex_mac_tag: str) -> None: ...
+
+    @overload
+    def encrypt_and_digest(self,
+                           plaintext: Buffer) -> Tuple[bytes, bytes]: ...
+    @overload
+    def encrypt_and_digest(self,
+                           plaintext: Buffer,
+                           output: Buffer) -> Tuple[None, bytes]: ...
+    def decrypt_and_verify(self,
+                           ciphertext: Buffer,
+                           received_mac_tag: Buffer,
+                           output: Optional[Union[bytearray, memoryview]] = ...) -> bytes: ...

venv/lib/python3.8/site-packages/Cryptodome/Cipher/_mode_ecb.pyi

+from typing import Union, overload
+
+from Cryptodome.Util._raw_api import SmartPointer
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+__all__ = [ 'EcbMode' ]
+
+class EcbMode(object):
+    def __init__(self, block_cipher: SmartPointer) -> None: ...
+    @overload
+    def encrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def encrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    @overload
+    def decrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def decrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+

venv/lib/python3.8/site-packages/Cryptodome/Cipher/_mode_gcm.pyi

+from types import ModuleType
+from typing import Union, Tuple, Dict, overload, Optional
+
+__all__ = ['GcmMode']
+
+Buffer = Union[bytes, bytearray, memoryview]
+
+class GcmMode(object):
+    block_size: int
+    nonce: Buffer
+    
+    def __init__(self,
+                 factory: ModuleType,
+                 key: Buffer,
+                 nonce: Buffer,
+                 mac_len: int,
+                 cipher_params: Dict) -> None: ...
+    
+    def update(self, assoc_data: Buffer) -> GcmMode: ...
+
+    @overload
+    def encrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def encrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+    @overload
+    def decrypt(self, plaintext: Buffer) -> bytes: ...
+    @overload
+    def decrypt(self, plaintext: Buffer, output: Union[bytearray, memoryview]) -> None: ...
+
+    def digest(self) -> bytes: ...
+    def hexdigest(self) -> str: ...
+    def verify(self, received_mac_tag: Buffer) -> None: ...
+    def hexverify(self, hex_mac_tag: str) -> None: ...
+
+    @overload
+    def encrypt_and_digest(self,
+                           plaintext: Buffer) -> Tuple[bytes, bytes]: ...
+    @overload
+    def encrypt_and_digest(self,
+                           plaintext: Buffer,
+                           output: Buffer) -> Tuple[None, bytes]: ...
+    def decrypt_and_verify(self,
+                           ciphertext: Buffer,
+                           received_mac_tag: Buffer,
+                           output: Optional[Union[bytearray, memoryview]] = ...) -> bytes: ...