AES

Implementation of AES cipher.

class pyflocker.ciphers.backends.cryptodome_.AES.AEAD(encrypting: bool, key: bytes, mode: Modes, nonce: bytes)[source]

Bases: AEADCipherTemplate

property mode: Modes

The AES mode.

class pyflocker.ciphers.backends.cryptodome_.AES.NonAEAD(encrypting: bool, key: bytes, mode: Modes, nonce: bytes)[source]

Bases: NonAEADCipherTemplate

property mode: Modes

The AES mode.

class pyflocker.ciphers.backends.cryptodome_.AES.AEADOneShot(encrypting: bool, key: bytes, mode: Modes, nonce: bytes)[source]

Bases: AuthenticationMixin, BaseAEADOneShotCipher

is_encrypting() bool[source]

Whether the cipher is encrypting or not.

Returns:

True if encrypting, else False.

property mode: Modes

The AES mode.

update(data: bytes, tag: bytes | None = None) bytes[source]

Encrypt or decrypt data.

Tag is required only for decryption. The cipher is finalized after calling this method.

Parameters:

  • data – A bytes-like object to pass to the cipher.

  • tag – The associated tag that authenticates the decryption. Tag is required for decryption only.

Returns:

Encrypted/decrypted data as bytes object.

update_into(data: bytes, out: bytearray | memoryview, tag: bytes | None = None) None[source]

Encrypt or decrypt data and write it to out.

If decrypting, the MAC tag must be provided. The cipher is finalized after calling this method.

Parameters:

  • data – The bytes-like oject to pass to the cipher.

  • out – The buffer interface where the encrypted/decrypted data must be written into.

  • tag – The associated tag that authenticates the decryption. Tag is required for decryption only.

pyflocker.ciphers.backends.cryptodome_.AES.new(encrypting: bool, key: bytes, mode: Modes, iv_or_nonce: bytes, *, use_hmac: bool = False, tag_length: int | None = 16, digestmod: None | base.BaseHash = None, file: io.BytesIO | io.BufferedReader | None = None) AEAD | NonAEAD | AEADOneShot | FileCipherWrapper | HMACWrapper[source]

Create a new backend specific AES cipher.

Parameters:

  • encrypting – True is encryption and False is decryption.

  • key – The key for the cipher.

  • mode – The mode to use for AES cipher.

  • iv_or_nonce – The Initialization Vector or Nonce for the cipher. It must not be repeated with the same key.

Keyword Arguments:

  • use_hmac – Should the cipher use HMAC as authentication or not, if it does not support AEAD. (Default: False)

  • tag_length – Length of HMAC tag. By default, a 16 byte tag is generated. If tag_length is None, a non-truncated tag is generated. Length of non-truncated tag depends on the digest size of the underlying hash algorithm used by HMAC.

  • digestmod – The algorithm to use for HMAC. If None, Defaults to sha256. Specifying this value without setting use_hmac to True has no effect.

  • file – The source file to read from. If file is specified and the mode is not an AEAD mode, HMAC is always used.

Important

The following arguments are ignored if the mode is an AEAD mode:

  • use_hmac

  • tag_length

  • digestmod

Returns:

AES cipher.

Raises:

NotImplementedError – if the mode does not support encryption/decryption of files or the mode is not supported by the backend.

Note

Any other error that is raised is from the backend itself.

pyflocker.ciphers.backends.cryptodome_.AES.supported_modes() set[Modes][source]

Lists all modes supported by AES cipher of this backend.

Returns:

set of Modes object supported by backend.