Tools related to symmetric ciphers

Cryptodome backend specific templates and tools for symmetric ciphers.

class pyflocker.ciphers.backends.cryptodome_.symmetric.NonAEADCipherTemplate

Bases: BaseNonAEADCipher

Template class to provide the default behavior of BaseNonAEADCipher.

Subclasses need to provide:

• _encrypting

• _update_func

is_encrypting() → bool

Whether the cipher is encrypting or not.

Returns:

True if encrypting, else False.

update(data: bytes) → bytes

Takes bytes-like object and returns encrypted/decrypted bytes object.

Parameters:

data – The bytes-like object to pass to the cipher.

Returns:

Encrypted/decrypted data as bytes.

update_into(data: bytes, out: bytearray | memoryview) → None

Encrypt or decrypt the data and store it in a preallocated buffer out.

Parameters:

• data – The bytes-like object to pass to the cipher.

• out – The buffer interface where the encrypted/decrypted data must be written into.

finalize() → None

Finalizes and closes the cipher.

Raises:

AlreadyFinalized – If the cipher was already finalized.

class pyflocker.ciphers.backends.cryptodome_.symmetric.AuthenticationMixin

Bases: object

Mixin class to provide authentication behavior to ciphers.

Classes inheriting this must provide these attributes:

_updated

A boolean indicating whether update() method of _cipher was called.

Type:

bool

_cipher

A cipher from Cryptodome package that has update() and verify() methods.

Type:

Any

_update_func

A method of _cipher that encrypts/decrypts data. It is generally _cipher.encrypt() or _cipher.decrypt().

Type:

Callable

_tag

A byte sequence denoting the MAC tag generated by the cipher after encryption.

Type:

bytes | None

authenticate(data: bytes) → None

Authenticates part of the message that get delivered as is, without any encryption.

Parameters:

data – The bytes-like object that must be authenticated.

Raises:

TypeError – if this method is called after calling update().

finalize(tag: bytes | None = None) → None

Finalizes and ends the cipher state.

Parameters:

tag – The associated tag that authenticates the decryption. Tag is required for decryption only.

Raises:

• ValueError – If cipher is decrypting and tag is not supplied.

• DecryptionError – If the decryption was incorrect.

calculate_tag() → bytes | None

Calculates and returns the associated tag.

Returns:

Returns None if decrypting, otherwise the associated authentication tag.

class pyflocker.ciphers.backends.cryptodome_.symmetric.AEADCipherTemplate

Bases: AuthenticationMixin, BaseAEADCipher

Template class to provide the default behavior of BaseAEADCipher.

Subclasses need to provide the following attributes:

• _encrypting

• _update_func

• _cipher

is_encrypting() → bool

Whether the cipher is encrypting or not.

Returns:

True if encrypting, else False.

update(data: bytes) → bytes

Takes bytes-like object and returns encrypted/decrypted bytes object.

Parameters:

data – The bytes-like object to pass to the cipher.

Returns:

Encrypted/decrypted data as bytes.

update_into(data: bytes, out: bytearray | memoryview) → None

Encrypt or decrypt the data and store it in a preallocated buffer out.

Parameters:

• data – The bytes-like object to pass to the cipher.

• out – The buffer interface where the encrypted/decrypted data must be written into.