Add files using upload-large-folder tool

.gitattributes

@@ -329,3 +329,5 @@ tuning-competition-baseline/.venv/lib/python3.11/site-packages/nvidia/cudnn/lib/
 .venv/lib/python3.11/site-packages/httptools/parser/url_parser.cpython-311-x86_64-linux-gnu.so filter=lfs diff=lfs merge=lfs -text
 .venv/lib/python3.11/site-packages/httptools/parser/parser.cpython-311-x86_64-linux-gnu.so filter=lfs diff=lfs merge=lfs -text
 .venv/lib/python3.11/site-packages/yarl/_quoting_c.cpython-311-x86_64-linux-gnu.so filter=lfs diff=lfs merge=lfs -text
+.venv/lib/python3.11/site-packages/cryptography/x509/__pycache__/extensions.cpython-311.pyc filter=lfs diff=lfs merge=lfs -text
+.venv/lib/python3.11/site-packages/sentencepiece/_sentencepiece.cpython-311-x86_64-linux-gnu.so filter=lfs diff=lfs merge=lfs -text

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/__init__.py

@@ -0,0 +1,3 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/__init__.pyi

@@ -0,0 +1,24 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+import typing
+
+from cryptography.hazmat.primitives import padding
+
+def check_pkcs7_padding(data: bytes) -> bool: ...
+def check_ansix923_padding(data: bytes) -> bool: ...
+
+class PKCS7PaddingContext(padding.PaddingContext):
+    def __init__(self, block_size: int) -> None: ...
+    def update(self, data: bytes) -> bytes: ...
+    def finalize(self) -> bytes: ...
+
+class ObjectIdentifier:
+    def __init__(self, val: str) -> None: ...
+    @property
+    def dotted_string(self) -> str: ...
+    @property
+    def _name(self) -> str: ...
+
+T = typing.TypeVar("T")

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/_openssl.pyi

@@ -0,0 +1,8 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+import typing
+
+lib = typing.Any
+ffi = typing.Any

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/asn1.pyi

@@ -0,0 +1,7 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+def decode_dss_signature(signature: bytes) -> tuple[int, int]: ...
+def encode_dss_signature(r: int, s: int) -> bytes: ...
+def parse_spki_for_data(data: bytes) -> bytes: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/exceptions.pyi

@@ -0,0 +1,17 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+class _Reasons:
+    BACKEND_MISSING_INTERFACE: _Reasons
+    UNSUPPORTED_HASH: _Reasons
+    UNSUPPORTED_CIPHER: _Reasons
+    UNSUPPORTED_PADDING: _Reasons
+    UNSUPPORTED_MGF: _Reasons
+    UNSUPPORTED_PUBLIC_KEY_ALGORITHM: _Reasons
+    UNSUPPORTED_ELLIPTIC_CURVE: _Reasons
+    UNSUPPORTED_SERIALIZATION: _Reasons
+    UNSUPPORTED_X509: _Reasons
+    UNSUPPORTED_EXCHANGE_ALGORITHM: _Reasons
+    UNSUPPORTED_DIFFIE_HELLMAN: _Reasons
+    UNSUPPORTED_MAC: _Reasons

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/ocsp.pyi

@@ -0,0 +1,23 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.asymmetric.types import PrivateKeyTypes
+from cryptography.x509 import ocsp
+
+class OCSPRequest: ...
+class OCSPResponse: ...
+class OCSPSingleResponse: ...
+
+def load_der_ocsp_request(data: bytes) -> ocsp.OCSPRequest: ...
+def load_der_ocsp_response(data: bytes) -> ocsp.OCSPResponse: ...
+def create_ocsp_request(
+    builder: ocsp.OCSPRequestBuilder,
+) -> ocsp.OCSPRequest: ...
+def create_ocsp_response(
+    status: ocsp.OCSPResponseStatus,
+    builder: ocsp.OCSPResponseBuilder | None,
+    private_key: PrivateKeyTypes | None,
+    hash_algorithm: hashes.HashAlgorithm | None,
+) -> ocsp.OCSPResponse: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/__init__.pyi

@@ -0,0 +1,71 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+import typing
+
+from cryptography.hazmat.bindings._rust.openssl import (
+    aead,
+    ciphers,
+    cmac,
+    dh,
+    dsa,
+    ec,
+    ed448,
+    ed25519,
+    hashes,
+    hmac,
+    kdf,
+    keys,
+    poly1305,
+    rsa,
+    x448,
+    x25519,
+)
+
+__all__ = [
+    "aead",
+    "ciphers",
+    "cmac",
+    "dh",
+    "dsa",
+    "ec",
+    "ed448",
+    "ed25519",
+    "hashes",
+    "hmac",
+    "kdf",
+    "keys",
+    "openssl_version",
+    "openssl_version_text",
+    "poly1305",
+    "raise_openssl_error",
+    "rsa",
+    "x448",
+    "x25519",
+]
+
+CRYPTOGRAPHY_IS_LIBRESSL: bool
+CRYPTOGRAPHY_IS_BORINGSSL: bool
+CRYPTOGRAPHY_OPENSSL_300_OR_GREATER: bool
+CRYPTOGRAPHY_OPENSSL_320_OR_GREATER: bool
+
+class Providers: ...
+
+_legacy_provider_loaded: bool
+_providers: Providers
+
+def openssl_version() -> int: ...
+def openssl_version_text() -> str: ...
+def raise_openssl_error() -> typing.NoReturn: ...
+def capture_error_stack() -> list[OpenSSLError]: ...
+def is_fips_enabled() -> bool: ...
+def enable_fips(providers: Providers) -> None: ...
+
+class OpenSSLError:
+    @property
+    def lib(self) -> int: ...
+    @property
+    def reason(self) -> int: ...
+    @property
+    def reason_text(self) -> bytes: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/ciphers.pyi

@@ -0,0 +1,38 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+import typing
+
+from cryptography.hazmat.primitives import ciphers
+from cryptography.hazmat.primitives.ciphers import modes
+
+@typing.overload
+def create_encryption_ctx(
+    algorithm: ciphers.CipherAlgorithm, mode: modes.ModeWithAuthenticationTag
+) -> ciphers.AEADEncryptionContext: ...
+@typing.overload
+def create_encryption_ctx(
+    algorithm: ciphers.CipherAlgorithm, mode: modes.Mode
+) -> ciphers.CipherContext: ...
+@typing.overload
+def create_decryption_ctx(
+    algorithm: ciphers.CipherAlgorithm, mode: modes.ModeWithAuthenticationTag
+) -> ciphers.AEADDecryptionContext: ...
+@typing.overload
+def create_decryption_ctx(
+    algorithm: ciphers.CipherAlgorithm, mode: modes.Mode
+) -> ciphers.CipherContext: ...
+def cipher_supported(
+    algorithm: ciphers.CipherAlgorithm, mode: modes.Mode
+) -> bool: ...
+def _advance(
+    ctx: ciphers.AEADEncryptionContext | ciphers.AEADDecryptionContext, n: int
+) -> None: ...
+def _advance_aad(
+    ctx: ciphers.AEADEncryptionContext | ciphers.AEADDecryptionContext, n: int
+) -> None: ...
+
+class CipherContext: ...
+class AEADEncryptionContext: ...
+class AEADDecryptionContext: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/dh.pyi

@@ -0,0 +1,51 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+import typing
+
+from cryptography.hazmat.primitives.asymmetric import dh
+
+MIN_MODULUS_SIZE: int
+
+class DHPrivateKey: ...
+class DHPublicKey: ...
+class DHParameters: ...
+
+class DHPrivateNumbers:
+    def __init__(self, x: int, public_numbers: DHPublicNumbers) -> None: ...
+    def private_key(self, backend: typing.Any = None) -> dh.DHPrivateKey: ...
+    @property
+    def x(self) -> int: ...
+    @property
+    def public_numbers(self) -> DHPublicNumbers: ...
+
+class DHPublicNumbers:
+    def __init__(
+        self, y: int, parameter_numbers: DHParameterNumbers
+    ) -> None: ...
+    def public_key(self, backend: typing.Any = None) -> dh.DHPublicKey: ...
+    @property
+    def y(self) -> int: ...
+    @property
+    def parameter_numbers(self) -> DHParameterNumbers: ...
+
+class DHParameterNumbers:
+    def __init__(self, p: int, g: int, q: int | None = None) -> None: ...
+    def parameters(self, backend: typing.Any = None) -> dh.DHParameters: ...
+    @property
+    def p(self) -> int: ...
+    @property
+    def g(self) -> int: ...
+    @property
+    def q(self) -> int | None: ...
+
+def generate_parameters(
+    generator: int, key_size: int, backend: typing.Any = None
+) -> dh.DHParameters: ...
+def from_pem_parameters(
+    data: bytes, backend: typing.Any = None
+) -> dh.DHParameters: ...
+def from_der_parameters(
+    data: bytes, backend: typing.Any = None
+) -> dh.DHParameters: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/dsa.pyi

@@ -0,0 +1,41 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+import typing
+
+from cryptography.hazmat.primitives.asymmetric import dsa
+
+class DSAPrivateKey: ...
+class DSAPublicKey: ...
+class DSAParameters: ...
+
+class DSAPrivateNumbers:
+    def __init__(self, x: int, public_numbers: DSAPublicNumbers) -> None: ...
+    @property
+    def x(self) -> int: ...
+    @property
+    def public_numbers(self) -> DSAPublicNumbers: ...
+    def private_key(self, backend: typing.Any = None) -> dsa.DSAPrivateKey: ...
+
+class DSAPublicNumbers:
+    def __init__(
+        self, y: int, parameter_numbers: DSAParameterNumbers
+    ) -> None: ...
+    @property
+    def y(self) -> int: ...
+    @property
+    def parameter_numbers(self) -> DSAParameterNumbers: ...
+    def public_key(self, backend: typing.Any = None) -> dsa.DSAPublicKey: ...
+
+class DSAParameterNumbers:
+    def __init__(self, p: int, q: int, g: int) -> None: ...
+    @property
+    def p(self) -> int: ...
+    @property
+    def q(self) -> int: ...
+    @property
+    def g(self) -> int: ...
+    def parameters(self, backend: typing.Any = None) -> dsa.DSAParameters: ...
+
+def generate_parameters(key_size: int) -> dsa.DSAParameters: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/hashes.pyi

@@ -0,0 +1,17 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+import typing
+
+from cryptography.hazmat.primitives import hashes
+
+class Hash(hashes.HashContext):
+    def __init__(
+        self, algorithm: hashes.HashAlgorithm, backend: typing.Any = None
+    ) -> None: ...
+    @property
+    def algorithm(self) -> hashes.HashAlgorithm: ...
+    def update(self, data: bytes) -> None: ...
+    def finalize(self) -> bytes: ...
+    def copy(self) -> Hash: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/keys.pyi

@@ -0,0 +1,33 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+import typing
+
+from cryptography.hazmat.primitives.asymmetric.types import (
+    PrivateKeyTypes,
+    PublicKeyTypes,
+)
+
+def load_der_private_key(
+    data: bytes,
+    password: bytes | None,
+    backend: typing.Any = None,
+    *,
+    unsafe_skip_rsa_key_validation: bool = False,
+) -> PrivateKeyTypes: ...
+def load_pem_private_key(
+    data: bytes,
+    password: bytes | None,
+    backend: typing.Any = None,
+    *,
+    unsafe_skip_rsa_key_validation: bool = False,
+) -> PrivateKeyTypes: ...
+def load_der_public_key(
+    data: bytes,
+    backend: typing.Any = None,
+) -> PublicKeyTypes: ...
+def load_pem_public_key(
+    data: bytes,
+    backend: typing.Any = None,
+) -> PublicKeyTypes: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/x25519.pyi

@@ -0,0 +1,12 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from cryptography.hazmat.primitives.asymmetric import x25519
+
+class X25519PrivateKey: ...
+class X25519PublicKey: ...
+
+def generate_key() -> x25519.X25519PrivateKey: ...
+def from_private_bytes(data: bytes) -> x25519.X25519PrivateKey: ...
+def from_public_bytes(data: bytes) -> x25519.X25519PublicKey: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/x448.pyi

@@ -0,0 +1,12 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from cryptography.hazmat.primitives.asymmetric import x448
+
+class X448PrivateKey: ...
+class X448PublicKey: ...
+
+def generate_key() -> x448.X448PrivateKey: ...
+def from_private_bytes(data: bytes) -> x448.X448PrivateKey: ...
+def from_public_bytes(data: bytes) -> x448.X448PublicKey: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/pkcs12.pyi

@@ -0,0 +1,46 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+import typing
+
+from cryptography import x509
+from cryptography.hazmat.primitives.asymmetric.types import PrivateKeyTypes
+from cryptography.hazmat.primitives.serialization import (
+    KeySerializationEncryption,
+)
+from cryptography.hazmat.primitives.serialization.pkcs12 import (
+    PKCS12KeyAndCertificates,
+    PKCS12PrivateKeyTypes,
+)
+
+class PKCS12Certificate:
+    def __init__(
+        self, cert: x509.Certificate, friendly_name: bytes | None
+    ) -> None: ...
+    @property
+    def friendly_name(self) -> bytes | None: ...
+    @property
+    def certificate(self) -> x509.Certificate: ...
+
+def load_key_and_certificates(
+    data: bytes,
+    password: bytes | None,
+    backend: typing.Any = None,
+) -> tuple[
+    PrivateKeyTypes | None,
+    x509.Certificate | None,
+    list[x509.Certificate],
+]: ...
+def load_pkcs12(
+    data: bytes,
+    password: bytes | None,
+    backend: typing.Any = None,
+) -> PKCS12KeyAndCertificates: ...
+def serialize_key_and_certificates(
+    name: bytes | None,
+    key: PKCS12PrivateKeyTypes | None,
+    cert: x509.Certificate | None,
+    cas: typing.Iterable[x509.Certificate | PKCS12Certificate] | None,
+    encryption_algorithm: KeySerializationEncryption,
+) -> bytes: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/pkcs7.pyi

@@ -0,0 +1,30 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+import typing
+
+from cryptography import x509
+from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.serialization import pkcs7
+
+def serialize_certificates(
+    certs: list[x509.Certificate],
+    encoding: serialization.Encoding,
+) -> bytes: ...
+def encrypt_and_serialize(
+    builder: pkcs7.PKCS7EnvelopeBuilder,
+    encoding: serialization.Encoding,
+    options: typing.Iterable[pkcs7.PKCS7Options],
+) -> bytes: ...
+def sign_and_serialize(
+    builder: pkcs7.PKCS7SignatureBuilder,
+    encoding: serialization.Encoding,
+    options: typing.Iterable[pkcs7.PKCS7Options],
+) -> bytes: ...
+def load_pem_pkcs7_certificates(
+    data: bytes,
+) -> list[x509.Certificate]: ...
+def load_der_pkcs7_certificates(
+    data: bytes,
+) -> list[x509.Certificate]: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/test_support.pyi

@@ -0,0 +1,29 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from cryptography import x509
+from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.serialization import pkcs7
+
+class TestCertificate:
+    not_after_tag: int
+    not_before_tag: int
+    issuer_value_tags: list[int]
+    subject_value_tags: list[int]
+
+def test_parse_certificate(data: bytes) -> TestCertificate: ...
+def pkcs7_decrypt(
+    encoding: serialization.Encoding,
+    msg: bytes,
+    pkey: serialization.pkcs7.PKCS7PrivateKeyTypes,
+    cert_recipient: x509.Certificate,
+    options: list[pkcs7.PKCS7Options],
+) -> bytes: ...
+def pkcs7_verify(
+    encoding: serialization.Encoding,
+    sig: bytes,
+    msg: bytes | None,
+    certs: list[x509.Certificate],
+    options: list[pkcs7.PKCS7Options],
+) -> None: ...

.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/x509.pyi

@@ -0,0 +1,108 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+import datetime
+import typing
+
+from cryptography import x509
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.asymmetric.padding import PSS, PKCS1v15
+from cryptography.hazmat.primitives.asymmetric.types import PrivateKeyTypes
+
+def load_pem_x509_certificate(
+    data: bytes, backend: typing.Any = None
+) -> x509.Certificate: ...
+def load_der_x509_certificate(
+    data: bytes, backend: typing.Any = None
+) -> x509.Certificate: ...
+def load_pem_x509_certificates(
+    data: bytes,
+) -> list[x509.Certificate]: ...
+def load_pem_x509_crl(
+    data: bytes, backend: typing.Any = None
+) -> x509.CertificateRevocationList: ...
+def load_der_x509_crl(
+    data: bytes, backend: typing.Any = None
+) -> x509.CertificateRevocationList: ...
+def load_pem_x509_csr(
+    data: bytes, backend: typing.Any = None
+) -> x509.CertificateSigningRequest: ...
+def load_der_x509_csr(
+    data: bytes, backend: typing.Any = None
+) -> x509.CertificateSigningRequest: ...
+def encode_name_bytes(name: x509.Name) -> bytes: ...
+def encode_extension_value(extension: x509.ExtensionType) -> bytes: ...
+def create_x509_certificate(
+    builder: x509.CertificateBuilder,
+    private_key: PrivateKeyTypes,
+    hash_algorithm: hashes.HashAlgorithm | None,
+    rsa_padding: PKCS1v15 | PSS | None,
+) -> x509.Certificate: ...
+def create_x509_csr(
+    builder: x509.CertificateSigningRequestBuilder,
+    private_key: PrivateKeyTypes,
+    hash_algorithm: hashes.HashAlgorithm | None,
+    rsa_padding: PKCS1v15 | PSS | None,
+) -> x509.CertificateSigningRequest: ...
+def create_x509_crl(
+    builder: x509.CertificateRevocationListBuilder,
+    private_key: PrivateKeyTypes,
+    hash_algorithm: hashes.HashAlgorithm | None,
+    rsa_padding: PKCS1v15 | PSS | None,
+) -> x509.CertificateRevocationList: ...
+
+class Sct: ...
+class Certificate: ...
+class RevokedCertificate: ...
+class CertificateRevocationList: ...
+class CertificateSigningRequest: ...
+
+class PolicyBuilder:
+    def time(self, new_time: datetime.datetime) -> PolicyBuilder: ...
+    def store(self, new_store: Store) -> PolicyBuilder: ...
+    def max_chain_depth(self, new_max_chain_depth: int) -> PolicyBuilder: ...
+    def build_client_verifier(self) -> ClientVerifier: ...
+    def build_server_verifier(
+        self, subject: x509.verification.Subject
+    ) -> ServerVerifier: ...
+
+class VerifiedClient:
+    @property
+    def subjects(self) -> list[x509.GeneralName]: ...
+    @property
+    def chain(self) -> list[x509.Certificate]: ...
+
+class ClientVerifier:
+    @property
+    def validation_time(self) -> datetime.datetime: ...
+    @property
+    def store(self) -> Store: ...
+    @property
+    def max_chain_depth(self) -> int: ...
+    def verify(
+        self,
+        leaf: x509.Certificate,
+        intermediates: list[x509.Certificate],
+    ) -> VerifiedClient: ...
+
+class ServerVerifier:
+    @property
+    def subject(self) -> x509.verification.Subject: ...
+    @property
+    def validation_time(self) -> datetime.datetime: ...
+    @property
+    def store(self) -> Store: ...
+    @property
+    def max_chain_depth(self) -> int: ...
+    def verify(
+        self,
+        leaf: x509.Certificate,
+        intermediates: list[x509.Certificate],
+    ) -> list[x509.Certificate]: ...
+
+class Store:
+    def __init__(self, certs: list[x509.Certificate]) -> None: ...
+
+class VerificationError(Exception):
+    pass

.venv/lib/python3.11/site-packages/cryptography/hazmat/decrepit/__init__.py

@@ -0,0 +1,5 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import annotations

.venv/lib/python3.11/site-packages/cryptography/hazmat/decrepit/ciphers/__init__.py

@@ -0,0 +1,5 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import annotations

.venv/lib/python3.11/site-packages/cryptography/hazmat/decrepit/ciphers/algorithms.py

@@ -0,0 +1,107 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import annotations
+
+from cryptography.hazmat.primitives._cipheralgorithm import (
+    BlockCipherAlgorithm,
+    CipherAlgorithm,
+    _verify_key_size,
+)
+
+
+class ARC4(CipherAlgorithm):
+    name = "RC4"
+    key_sizes = frozenset([40, 56, 64, 80, 128, 160, 192, 256])
+
+    def __init__(self, key: bytes):
+        self.key = _verify_key_size(self, key)
+
+    @property
+    def key_size(self) -> int:
+        return len(self.key) * 8
+
+
+class TripleDES(BlockCipherAlgorithm):
+    name = "3DES"
+    block_size = 64
+    key_sizes = frozenset([64, 128, 192])
+
+    def __init__(self, key: bytes):
+        if len(key) == 8:
+            key += key + key
+        elif len(key) == 16:
+            key += key[:8]
+        self.key = _verify_key_size(self, key)
+
+    @property
+    def key_size(self) -> int:
+        return len(self.key) * 8
+
+
+class Blowfish(BlockCipherAlgorithm):
+    name = "Blowfish"
+    block_size = 64
+    key_sizes = frozenset(range(32, 449, 8))
+
+    def __init__(self, key: bytes):
+        self.key = _verify_key_size(self, key)
+
+    @property
+    def key_size(self) -> int:
+        return len(self.key) * 8
+
+
+class CAST5(BlockCipherAlgorithm):
+    name = "CAST5"
+    block_size = 64
+    key_sizes = frozenset(range(40, 129, 8))
+
+    def __init__(self, key: bytes):
+        self.key = _verify_key_size(self, key)
+
+    @property
+    def key_size(self) -> int:
+        return len(self.key) * 8
+
+
+class SEED(BlockCipherAlgorithm):
+    name = "SEED"
+    block_size = 128
+    key_sizes = frozenset([128])
+
+    def __init__(self, key: bytes):
+        self.key = _verify_key_size(self, key)
+
+    @property
+    def key_size(self) -> int:
+        return len(self.key) * 8
+
+
+class IDEA(BlockCipherAlgorithm):
+    name = "IDEA"
+    block_size = 64
+    key_sizes = frozenset([128])
+
+    def __init__(self, key: bytes):
+        self.key = _verify_key_size(self, key)
+
+    @property
+    def key_size(self) -> int:
+        return len(self.key) * 8
+
+
+# This class only allows RC2 with a 128-bit key. No support for
+# effective key bits or other key sizes is provided.
+class RC2(BlockCipherAlgorithm):
+    name = "RC2"
+    block_size = 64
+    key_sizes = frozenset([128])
+
+    def __init__(self, key: bytes):
+        self.key = _verify_key_size(self, key)
+
+    @property
+    def key_size(self) -> int:
+        return len(self.key) * 8

.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/__init__.py

@@ -0,0 +1,27 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import annotations
+
+from cryptography.hazmat.primitives._cipheralgorithm import (
+    BlockCipherAlgorithm,
+    CipherAlgorithm,
+)
+from cryptography.hazmat.primitives.ciphers.base import (
+    AEADCipherContext,
+    AEADDecryptionContext,
+    AEADEncryptionContext,
+    Cipher,
+    CipherContext,
+)
+
+__all__ = [
+    "AEADCipherContext",
+    "AEADDecryptionContext",
+    "AEADEncryptionContext",
+    "BlockCipherAlgorithm",
+    "Cipher",
+    "CipherAlgorithm",
+    "CipherContext",
+]

.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/aead.py

@@ -0,0 +1,23 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import annotations
+
+from cryptography.hazmat.bindings._rust import openssl as rust_openssl
+
+__all__ = [
+    "AESCCM",
+    "AESGCM",
+    "AESGCMSIV",
+    "AESOCB3",
+    "AESSIV",
+    "ChaCha20Poly1305",
+]
+
+AESGCM = rust_openssl.aead.AESGCM
+ChaCha20Poly1305 = rust_openssl.aead.ChaCha20Poly1305
+AESCCM = rust_openssl.aead.AESCCM
+AESSIV = rust_openssl.aead.AESSIV
+AESOCB3 = rust_openssl.aead.AESOCB3
+AESGCMSIV = rust_openssl.aead.AESGCMSIV

.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/algorithms.py

@@ -0,0 +1,177 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import annotations
+
+from cryptography import utils
+from cryptography.hazmat.decrepit.ciphers.algorithms import (
+    ARC4 as ARC4,
+)
+from cryptography.hazmat.decrepit.ciphers.algorithms import (
+    CAST5 as CAST5,
+)
+from cryptography.hazmat.decrepit.ciphers.algorithms import (
+    IDEA as IDEA,
+)
+from cryptography.hazmat.decrepit.ciphers.algorithms import (
+    SEED as SEED,
+)
+from cryptography.hazmat.decrepit.ciphers.algorithms import (
+    Blowfish as Blowfish,
+)
+from cryptography.hazmat.decrepit.ciphers.algorithms import (
+    TripleDES as TripleDES,
+)
+from cryptography.hazmat.primitives._cipheralgorithm import _verify_key_size
+from cryptography.hazmat.primitives.ciphers import (
+    BlockCipherAlgorithm,
+    CipherAlgorithm,
+)
+
+
+class AES(BlockCipherAlgorithm):
+    name = "AES"
+    block_size = 128
+    # 512 added to support AES-256-XTS, which uses 512-bit keys
+    key_sizes = frozenset([128, 192, 256, 512])
+
+    def __init__(self, key: bytes):
+        self.key = _verify_key_size(self, key)
+
+    @property
+    def key_size(self) -> int:
+        return len(self.key) * 8
+
+
+class AES128(BlockCipherAlgorithm):
+    name = "AES"
+    block_size = 128
+    key_sizes = frozenset([128])
+    key_size = 128
+
+    def __init__(self, key: bytes):
+        self.key = _verify_key_size(self, key)
+
+
+class AES256(BlockCipherAlgorithm):
+    name = "AES"
+    block_size = 128
+    key_sizes = frozenset([256])
+    key_size = 256
+
+    def __init__(self, key: bytes):
+        self.key = _verify_key_size(self, key)
+
+
+class Camellia(BlockCipherAlgorithm):
+    name = "camellia"
+    block_size = 128
+    key_sizes = frozenset([128, 192, 256])
+
+    def __init__(self, key: bytes):
+        self.key = _verify_key_size(self, key)
+
+    @property
+    def key_size(self) -> int:
+        return len(self.key) * 8
+
+
+utils.deprecated(
+    ARC4,
+    __name__,
+    "ARC4 has been moved to "
+    "cryptography.hazmat.decrepit.ciphers.algorithms.ARC4 and "
+    "will be removed from this module in 48.0.0.",
+    utils.DeprecatedIn43,
+    name="ARC4",
+)
+
+
+utils.deprecated(
+    TripleDES,
+    __name__,
+    "TripleDES has been moved to "
+    "cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES and "
+    "will be removed from this module in 48.0.0.",
+    utils.DeprecatedIn43,
+    name="TripleDES",
+)
+
+utils.deprecated(
+    Blowfish,
+    __name__,
+    "Blowfish has been moved to "
+    "cryptography.hazmat.decrepit.ciphers.algorithms.Blowfish and "
+    "will be removed from this module in 45.0.0.",
+    utils.DeprecatedIn37,
+    name="Blowfish",
+)
+
+
+utils.deprecated(
+    CAST5,
+    __name__,
+    "CAST5 has been moved to "
+    "cryptography.hazmat.decrepit.ciphers.algorithms.CAST5 and "
+    "will be removed from this module in 45.0.0.",
+    utils.DeprecatedIn37,
+    name="CAST5",
+)
+
+
+utils.deprecated(
+    IDEA,
+    __name__,
+    "IDEA has been moved to "
+    "cryptography.hazmat.decrepit.ciphers.algorithms.IDEA and "
+    "will be removed from this module in 45.0.0.",
+    utils.DeprecatedIn37,
+    name="IDEA",
+)
+
+
+utils.deprecated(
+    SEED,
+    __name__,
+    "SEED has been moved to "
+    "cryptography.hazmat.decrepit.ciphers.algorithms.SEED and "
+    "will be removed from this module in 45.0.0.",
+    utils.DeprecatedIn37,
+    name="SEED",
+)
+
+
+class ChaCha20(CipherAlgorithm):
+    name = "ChaCha20"
+    key_sizes = frozenset([256])
+
+    def __init__(self, key: bytes, nonce: bytes):
+        self.key = _verify_key_size(self, key)
+        utils._check_byteslike("nonce", nonce)
+
+        if len(nonce) != 16:
+            raise ValueError("nonce must be 128-bits (16 bytes)")
+
+        self._nonce = nonce
+
+    @property
+    def nonce(self) -> bytes:
+        return self._nonce
+
+    @property
+    def key_size(self) -> int:
+        return len(self.key) * 8
+
+
+class SM4(BlockCipherAlgorithm):
+    name = "SM4"
+    block_size = 128
+    key_sizes = frozenset([128])
+
+    def __init__(self, key: bytes):
+        self.key = _verify_key_size(self, key)
+
+    @property
+    def key_size(self) -> int:
+        return len(self.key) * 8

.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/base.py

@@ -0,0 +1,145 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import annotations
+
+import abc
+import typing
+
+from cryptography.hazmat.bindings._rust import openssl as rust_openssl
+from cryptography.hazmat.primitives._cipheralgorithm import CipherAlgorithm
+from cryptography.hazmat.primitives.ciphers import modes
+
+
+class CipherContext(metaclass=abc.ABCMeta):
+    @abc.abstractmethod
+    def update(self, data: bytes) -> bytes:
+        """
+        Processes the provided bytes through the cipher and returns the results
+        as bytes.
+        """
+
+    @abc.abstractmethod
+    def update_into(self, data: bytes, buf: bytes) -> int:
+        """
+        Processes the provided bytes and writes the resulting data into the
+        provided buffer. Returns the number of bytes written.
+        """
+
+    @abc.abstractmethod
+    def finalize(self) -> bytes:
+        """
+        Returns the results of processing the final block as bytes.
+        """
+
+    @abc.abstractmethod
+    def reset_nonce(self, nonce: bytes) -> None:
+        """
+        Resets the nonce for the cipher context to the provided value.
+        Raises an exception if it does not support reset or if the
+        provided nonce does not have a valid length.
+        """
+
+
+class AEADCipherContext(CipherContext, metaclass=abc.ABCMeta):
+    @abc.abstractmethod
+    def authenticate_additional_data(self, data: bytes) -> None:
+        """
+        Authenticates the provided bytes.
+        """
+
+
+class AEADDecryptionContext(AEADCipherContext, metaclass=abc.ABCMeta):
+    @abc.abstractmethod
+    def finalize_with_tag(self, tag: bytes) -> bytes:
+        """
+        Returns the results of processing the final block as bytes and allows
+        delayed passing of the authentication tag.
+        """
+
+
+class AEADEncryptionContext(AEADCipherContext, metaclass=abc.ABCMeta):
+    @property
+    @abc.abstractmethod
+    def tag(self) -> bytes:
+        """
+        Returns tag bytes. This is only available after encryption is
+        finalized.
+        """
+
+
+Mode = typing.TypeVar(
+    "Mode", bound=typing.Optional[modes.Mode], covariant=True
+)
+
+
+class Cipher(typing.Generic[Mode]):
+    def __init__(
+        self,
+        algorithm: CipherAlgorithm,
+        mode: Mode,
+        backend: typing.Any = None,
+    ) -> None:
+        if not isinstance(algorithm, CipherAlgorithm):
+            raise TypeError("Expected interface of CipherAlgorithm.")
+
+        if mode is not None:
+            # mypy needs this assert to narrow the type from our generic
+            # type. Maybe it won't some time in the future.
+            assert isinstance(mode, modes.Mode)
+            mode.validate_for_algorithm(algorithm)
+
+        self.algorithm = algorithm
+        self.mode = mode
+
+    @typing.overload
+    def encryptor(
+        self: Cipher[modes.ModeWithAuthenticationTag],
+    ) -> AEADEncryptionContext: ...
+
+    @typing.overload
+    def encryptor(
+        self: _CIPHER_TYPE,
+    ) -> CipherContext: ...
+
+    def encryptor(self):
+        if isinstance(self.mode, modes.ModeWithAuthenticationTag):
+            if self.mode.tag is not None:
+                raise ValueError(
+                    "Authentication tag must be None when encrypting."
+                )
+
+        return rust_openssl.ciphers.create_encryption_ctx(
+            self.algorithm, self.mode
+        )
+
+    @typing.overload
+    def decryptor(
+        self: Cipher[modes.ModeWithAuthenticationTag],
+    ) -> AEADDecryptionContext: ...
+
+    @typing.overload
+    def decryptor(
+        self: _CIPHER_TYPE,
+    ) -> CipherContext: ...
+
+    def decryptor(self):
+        return rust_openssl.ciphers.create_decryption_ctx(
+            self.algorithm, self.mode
+        )
+
+
+_CIPHER_TYPE = Cipher[
+    typing.Union[
+        modes.ModeWithNonce,
+        modes.ModeWithTweak,
+        None,
+        modes.ECB,
+        modes.ModeWithInitializationVector,
+    ]
+]
+
+CipherContext.register(rust_openssl.ciphers.CipherContext)
+AEADEncryptionContext.register(rust_openssl.ciphers.AEADEncryptionContext)
+AEADDecryptionContext.register(rust_openssl.ciphers.AEADDecryptionContext)

.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/modes.py

@@ -0,0 +1,268 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import annotations
+
+import abc
+
+from cryptography import utils
+from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
+from cryptography.hazmat.primitives._cipheralgorithm import (
+    BlockCipherAlgorithm,
+    CipherAlgorithm,
+)
+from cryptography.hazmat.primitives.ciphers import algorithms
+
+
+class Mode(metaclass=abc.ABCMeta):
+    @property
+    @abc.abstractmethod
+    def name(self) -> str:
+        """
+        A string naming this mode (e.g. "ECB", "CBC").
+        """
+
+    @abc.abstractmethod
+    def validate_for_algorithm(self, algorithm: CipherAlgorithm) -> None:
+        """
+        Checks that all the necessary invariants of this (mode, algorithm)
+        combination are met.
+        """
+
+
+class ModeWithInitializationVector(Mode, metaclass=abc.ABCMeta):
+    @property
+    @abc.abstractmethod
+    def initialization_vector(self) -> bytes:
+        """
+        The value of the initialization vector for this mode as bytes.
+        """
+
+
+class ModeWithTweak(Mode, metaclass=abc.ABCMeta):
+    @property
+    @abc.abstractmethod
+    def tweak(self) -> bytes:
+        """
+        The value of the tweak for this mode as bytes.
+        """
+
+
+class ModeWithNonce(Mode, metaclass=abc.ABCMeta):
+    @property
+    @abc.abstractmethod
+    def nonce(self) -> bytes:
+        """
+        The value of the nonce for this mode as bytes.
+        """
+
+
+class ModeWithAuthenticationTag(Mode, metaclass=abc.ABCMeta):
+    @property
+    @abc.abstractmethod
+    def tag(self) -> bytes | None:
+        """
+        The value of the tag supplied to the constructor of this mode.
+        """
+
+
+def _check_aes_key_length(self: Mode, algorithm: CipherAlgorithm) -> None:
+    if algorithm.key_size > 256 and algorithm.name == "AES":
+        raise ValueError(
+            "Only 128, 192, and 256 bit keys are allowed for this AES mode"
+        )
+
+
+def _check_iv_length(
+    self: ModeWithInitializationVector, algorithm: BlockCipherAlgorithm
+) -> None:
+    iv_len = len(self.initialization_vector)
+    if iv_len * 8 != algorithm.block_size:
+        raise ValueError(f"Invalid IV size ({iv_len}) for {self.name}.")
+
+
+def _check_nonce_length(
+    nonce: bytes, name: str, algorithm: CipherAlgorithm
+) -> None:
+    if not isinstance(algorithm, BlockCipherAlgorithm):
+        raise UnsupportedAlgorithm(
+            f"{name} requires a block cipher algorithm",
+            _Reasons.UNSUPPORTED_CIPHER,
+        )
+    if len(nonce) * 8 != algorithm.block_size:
+        raise ValueError(f"Invalid nonce size ({len(nonce)}) for {name}.")
+
+
+def _check_iv_and_key_length(
+    self: ModeWithInitializationVector, algorithm: CipherAlgorithm
+) -> None:
+    if not isinstance(algorithm, BlockCipherAlgorithm):
+        raise UnsupportedAlgorithm(
+            f"{self} requires a block cipher algorithm",
+            _Reasons.UNSUPPORTED_CIPHER,
+        )
+    _check_aes_key_length(self, algorithm)
+    _check_iv_length(self, algorithm)
+
+
+class CBC(ModeWithInitializationVector):
+    name = "CBC"
+
+    def __init__(self, initialization_vector: bytes):
+        utils._check_byteslike("initialization_vector", initialization_vector)
+        self._initialization_vector = initialization_vector
+
+    @property
+    def initialization_vector(self) -> bytes:
+        return self._initialization_vector
+
+    validate_for_algorithm = _check_iv_and_key_length
+
+
+class XTS(ModeWithTweak):
+    name = "XTS"
+
+    def __init__(self, tweak: bytes):
+        utils._check_byteslike("tweak", tweak)
+
+        if len(tweak) != 16:
+            raise ValueError("tweak must be 128-bits (16 bytes)")
+
+        self._tweak = tweak
+
+    @property
+    def tweak(self) -> bytes:
+        return self._tweak
+
+    def validate_for_algorithm(self, algorithm: CipherAlgorithm) -> None:
+        if isinstance(algorithm, (algorithms.AES128, algorithms.AES256)):
+            raise TypeError(
+                "The AES128 and AES256 classes do not support XTS, please use "
+                "the standard AES class instead."
+            )
+
+        if algorithm.key_size not in (256, 512):
+            raise ValueError(
+                "The XTS specification requires a 256-bit key for AES-128-XTS"
+                " and 512-bit key for AES-256-XTS"
+            )
+
+
+class ECB(Mode):
+    name = "ECB"
+
+    validate_for_algorithm = _check_aes_key_length
+
+
+class OFB(ModeWithInitializationVector):
+    name = "OFB"
+
+    def __init__(self, initialization_vector: bytes):
+        utils._check_byteslike("initialization_vector", initialization_vector)
+        self._initialization_vector = initialization_vector
+
+    @property
+    def initialization_vector(self) -> bytes:
+        return self._initialization_vector
+
+    validate_for_algorithm = _check_iv_and_key_length
+
+
+class CFB(ModeWithInitializationVector):
+    name = "CFB"
+
+    def __init__(self, initialization_vector: bytes):
+        utils._check_byteslike("initialization_vector", initialization_vector)
+        self._initialization_vector = initialization_vector
+
+    @property
+    def initialization_vector(self) -> bytes:
+        return self._initialization_vector
+
+    validate_for_algorithm = _check_iv_and_key_length
+
+
+class CFB8(ModeWithInitializationVector):
+    name = "CFB8"
+
+    def __init__(self, initialization_vector: bytes):
+        utils._check_byteslike("initialization_vector", initialization_vector)
+        self._initialization_vector = initialization_vector
+
+    @property
+    def initialization_vector(self) -> bytes:
+        return self._initialization_vector
+
+    validate_for_algorithm = _check_iv_and_key_length
+
+
+class CTR(ModeWithNonce):
+    name = "CTR"
+
+    def __init__(self, nonce: bytes):
+        utils._check_byteslike("nonce", nonce)
+        self._nonce = nonce
+
+    @property
+    def nonce(self) -> bytes:
+        return self._nonce
+
+    def validate_for_algorithm(self, algorithm: CipherAlgorithm) -> None:
+        _check_aes_key_length(self, algorithm)
+        _check_nonce_length(self.nonce, self.name, algorithm)
+
+
+class GCM(ModeWithInitializationVector, ModeWithAuthenticationTag):
+    name = "GCM"
+    _MAX_ENCRYPTED_BYTES = (2**39 - 256) // 8
+    _MAX_AAD_BYTES = (2**64) // 8
+
+    def __init__(
+        self,
+        initialization_vector: bytes,
+        tag: bytes | None = None,
+        min_tag_length: int = 16,
+    ):
+        # OpenSSL 3.0.0 constrains GCM IVs to [64, 1024] bits inclusive
+        # This is a sane limit anyway so we'll enforce it here.
+        utils._check_byteslike("initialization_vector", initialization_vector)
+        if len(initialization_vector) < 8 or len(initialization_vector) > 128:
+            raise ValueError(
+                "initialization_vector must be between 8 and 128 bytes (64 "
+                "and 1024 bits)."
+            )
+        self._initialization_vector = initialization_vector
+        if tag is not None:
+            utils._check_bytes("tag", tag)
+            if min_tag_length < 4:
+                raise ValueError("min_tag_length must be >= 4")
+            if len(tag) < min_tag_length:
+                raise ValueError(
+                    f"Authentication tag must be {min_tag_length} bytes or "
+                    "longer."
+                )
+        self._tag = tag
+        self._min_tag_length = min_tag_length
+
+    @property
+    def tag(self) -> bytes | None:
+        return self._tag
+
+    @property
+    def initialization_vector(self) -> bytes:
+        return self._initialization_vector
+
+    def validate_for_algorithm(self, algorithm: CipherAlgorithm) -> None:
+        _check_aes_key_length(self, algorithm)
+        if not isinstance(algorithm, BlockCipherAlgorithm):
+            raise UnsupportedAlgorithm(
+                "GCM requires a block cipher algorithm",
+                _Reasons.UNSUPPORTED_CIPHER,
+            )
+        block_size_bytes = algorithm.block_size // 8
+        if self._tag is not None and len(self._tag) > block_size_bytes:
+            raise ValueError(
+                f"Authentication tag cannot be more than {block_size_bytes} "
+                "bytes."
+            )

.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/__init__.py

@@ -0,0 +1,23 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import annotations
+
+import abc
+
+
+class KeyDerivationFunction(metaclass=abc.ABCMeta):
+    @abc.abstractmethod
+    def derive(self, key_material: bytes) -> bytes:
+        """
+        Deterministically generates and returns a new key based on the existing
+        key material.
+        """
+
+    @abc.abstractmethod
+    def verify(self, key_material: bytes, expected_key: bytes) -> None:
+        """
+        Checks whether the key generated by the key material matches the
+        expected derived key. Raises an exception if they do not match.
+        """