AES¶
Implementation of AES cipher.
- class pyflocker.ciphers.backends.cryptodome_.AES.AEAD(encrypting: bool, key: bytes, mode: Modes, nonce: bytes)[source]¶
Bases:
AEADCipherTemplate
- class pyflocker.ciphers.backends.cryptodome_.AES.NonAEAD(encrypting: bool, key: bytes, mode: Modes, nonce: bytes)[source]¶
Bases:
NonAEADCipherTemplate
- class pyflocker.ciphers.backends.cryptodome_.AES.AEADOneShot(encrypting: bool, key: bytes, mode: Modes, nonce: bytes)[source]¶
Bases:
AuthenticationMixin
,BaseAEADOneShotCipher
- is_encrypting() bool [source]¶
Whether the cipher is encrypting or not.
- Returns:
True
if encrypting, elseFalse
.
- update(data: bytes, tag: bytes | None = None) bytes [source]¶
Encrypt or decrypt
data
.Tag is required only for decryption. The cipher is finalized after calling this method.
- Parameters:
data – A bytes-like object to pass to the cipher.
tag – The associated tag that authenticates the decryption. Tag is required for decryption only.
- Returns:
Encrypted/decrypted data as bytes object.
- update_into(data: bytes, out: bytearray | memoryview, tag: bytes | None = None) None [source]¶
Encrypt or decrypt
data
and write it toout
.If decrypting, the MAC tag must be provided. The cipher is finalized after calling this method.
- Parameters:
data – The bytes-like oject to pass to the cipher.
out – The buffer interface where the encrypted/decrypted data must be written into.
tag – The associated tag that authenticates the decryption. Tag is required for decryption only.
- pyflocker.ciphers.backends.cryptodome_.AES.new(encrypting: bool, key: bytes, mode: Modes, iv_or_nonce: bytes, *, use_hmac: bool = False, tag_length: int | None = 16, digestmod: None | base.BaseHash = None, file: io.BytesIO | io.BufferedReader | None = None) AEAD | NonAEAD | AEADOneShot | FileCipherWrapper | HMACWrapper [source]¶
Create a new backend specific AES cipher.
- Parameters:
encrypting – True is encryption and False is decryption.
key – The key for the cipher.
mode – The mode to use for AES cipher.
iv_or_nonce – The Initialization Vector or Nonce for the cipher. It must not be repeated with the same key.
- Keyword Arguments:
use_hmac – Should the cipher use HMAC as authentication or not, if it does not support AEAD. (Default: False)
tag_length – Length of HMAC tag. By default, a 16 byte tag is generated. If
tag_length
isNone
, a non-truncated tag is generated. Length of non-truncated tag depends on the digest size of the underlying hash algorithm used by HMAC.digestmod – The algorithm to use for HMAC. If
None
, Defaults tosha256
. Specifying this value without settinguse_hmac
to True has no effect.file – The source file to read from. If
file
is specified and themode
is not an AEAD mode, HMAC is always used.
Important
The following arguments are ignored if the mode is an AEAD mode:
use_hmac
tag_length
digestmod
- Returns:
AES cipher.
- Raises:
NotImplementedError – if the
mode
does not support encryption/decryption of files or the mode is not supported by the backend.
Note
Any other error that is raised is from the backend itself.