aboutsummaryrefslogtreecommitdiff
path: root/frozen_deps/Cryptodome/Cipher/AES.py
diff options
context:
space:
mode:
Diffstat (limited to 'frozen_deps/Cryptodome/Cipher/AES.py')
-rw-r--r--frozen_deps/Cryptodome/Cipher/AES.py174
1 files changed, 79 insertions, 95 deletions
diff --git a/frozen_deps/Cryptodome/Cipher/AES.py b/frozen_deps/Cryptodome/Cipher/AES.py
index 566a207..402a3d7 100644
--- a/frozen_deps/Cryptodome/Cipher/AES.py
+++ b/frozen_deps/Cryptodome/Cipher/AES.py
@@ -19,21 +19,6 @@
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
# ===================================================================
-"""
-Module's constants for the modes of operation supported with AES:
-
-:var MODE_ECB: :ref:`Electronic Code Book (ECB) <ecb_mode>`
-:var MODE_CBC: :ref:`Cipher-Block Chaining (CBC) <cbc_mode>`
-:var MODE_CFB: :ref:`Cipher FeedBack (CFB) <cfb_mode>`
-:var MODE_OFB: :ref:`Output FeedBack (OFB) <ofb_mode>`
-:var MODE_CTR: :ref:`CounTer Mode (CTR) <ctr_mode>`
-:var MODE_OPENPGP: :ref:`OpenPGP Mode <openpgp_mode>`
-:var MODE_CCM: :ref:`Counter with CBC-MAC (CCM) Mode <ccm_mode>`
-:var MODE_EAX: :ref:`EAX Mode <eax_mode>`
-:var MODE_GCM: :ref:`Galois Counter Mode (GCM) <gcm_mode>`
-:var MODE_SIV: :ref:`Syntethic Initialization Vector (SIV) <siv_mode>`
-:var MODE_OCB: :ref:`Offset Code Book (OCB) <ocb_mode>`
-"""
import sys
@@ -45,6 +30,18 @@ from Cryptodome.Util._raw_api import (load_pycryptodome_raw_lib,
from Cryptodome.Util import _cpu_features
from Cryptodome.Random import get_random_bytes
+MODE_ECB = 1 #: Electronic Code Book (:ref:`ecb_mode`)
+MODE_CBC = 2 #: Cipher-Block Chaining (:ref:`cbc_mode`)
+MODE_CFB = 3 #: Cipher Feedback (:ref:`cfb_mode`)
+MODE_OFB = 5 #: Output Feedback (:ref:`ofb_mode`)
+MODE_CTR = 6 #: Counter mode (:ref:`ctr_mode`)
+MODE_OPENPGP = 7 #: OpenPGP mode (:ref:`openpgp_mode`)
+MODE_CCM = 8 #: Counter with CBC-MAC (:ref:`ccm_mode`)
+MODE_EAX = 9 #: :ref:`eax_mode`
+MODE_SIV = 10 #: Synthetic Initialization Vector (:ref:`siv_mode`)
+MODE_GCM = 11 #: Galois Counter Mode (:ref:`gcm_mode`)
+MODE_OCB = 12 #: Offset Code Book (:ref:`ocb_mode`)
+
_cproto = """
int AES_start_operation(const uint8_t key[],
@@ -130,120 +127,107 @@ def _derive_Poly1305_key_pair(key, nonce):
def new(key, mode, *args, **kwargs):
"""Create a new AES cipher.
- :param key:
+ Args:
+ key(bytes/bytearray/memoryview):
The secret key to use in the symmetric cipher.
- It must be 16, 24 or 32 bytes long (respectively for *AES-128*,
- *AES-192* or *AES-256*).
+ It must be 16 (*AES-128)*, 24 (*AES-192*) or 32 (*AES-256*) bytes long.
For ``MODE_SIV`` only, it doubles to 32, 48, or 64 bytes.
- :type key: bytes/bytearray/memoryview
-
- :param mode:
+ mode (a ``MODE_*`` constant):
The chaining mode to use for encryption or decryption.
If in doubt, use ``MODE_EAX``.
- :type mode: One of the supported ``MODE_*`` constants
- :Keyword Arguments:
- * **iv** (*bytes*, *bytearray*, *memoryview*) --
- (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
- and ``MODE_OPENPGP`` modes).
+ Keyword Args:
+ iv (bytes/bytearray/memoryview):
+ (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
+ and ``MODE_OPENPGP`` modes).
- The initialization vector to use for encryption or decryption.
+ The initialization vector to use for encryption or decryption.
- For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 16 bytes long.
+ For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 16 bytes long.
- For ``MODE_OPENPGP`` mode only,
- it must be 16 bytes long for encryption
- and 18 bytes for decryption (in the latter case, it is
- actually the *encrypted* IV which was prefixed to the ciphertext).
+ For ``MODE_OPENPGP`` mode only,
+ it must be 16 bytes long for encryption
+ and 18 bytes for decryption (in the latter case, it is
+ actually the *encrypted* IV which was prefixed to the ciphertext).
- If not provided, a random byte string is generated (you must then
- read its value with the :attr:`iv` attribute).
+ If not provided, a random byte string is generated (you must then
+ read its value with the :attr:`iv` attribute).
- * **nonce** (*bytes*, *bytearray*, *memoryview*) --
- (Only applicable for ``MODE_CCM``, ``MODE_EAX``, ``MODE_GCM``,
- ``MODE_SIV``, ``MODE_OCB``, and ``MODE_CTR``).
+ nonce (bytes/bytearray/memoryview):
+ (Only applicable for ``MODE_CCM``, ``MODE_EAX``, ``MODE_GCM``,
+ ``MODE_SIV``, ``MODE_OCB``, and ``MODE_CTR``).
- A value that must never be reused for any other encryption done
- with this key (except possibly for ``MODE_SIV``, see below).
+ A value that must never be reused for any other encryption done
+ with this key (except possibly for ``MODE_SIV``, see below).
- For ``MODE_EAX``, ``MODE_GCM`` and ``MODE_SIV`` there are no
- restrictions on its length (recommended: **16** bytes).
+ For ``MODE_EAX``, ``MODE_GCM`` and ``MODE_SIV`` there are no
+ restrictions on its length (recommended: **16** bytes).
- For ``MODE_CCM``, its length must be in the range **[7..13]**.
- Bear in mind that with CCM there is a trade-off between nonce
- length and maximum message size. Recommendation: **11** bytes.
+ For ``MODE_CCM``, its length must be in the range **[7..13]**.
+ Bear in mind that with CCM there is a trade-off between nonce
+ length and maximum message size. Recommendation: **11** bytes.
- For ``MODE_OCB``, its length must be in the range **[1..15]**
- (recommended: **15**).
+ For ``MODE_OCB``, its length must be in the range **[1..15]**
+ (recommended: **15**).
- For ``MODE_CTR``, its length must be in the range **[0..15]**
- (recommended: **8**).
+ For ``MODE_CTR``, its length must be in the range **[0..15]**
+ (recommended: **8**).
- For ``MODE_SIV``, the nonce is optional, if it is not specified,
- then no nonce is being used, which renders the encryption
- deterministic.
+ For ``MODE_SIV``, the nonce is optional, if it is not specified,
+ then no nonce is being used, which renders the encryption
+ deterministic.
- If not provided, for modes other than ``MODE_SIV```, a random
- byte string of the recommended length is used (you must then
- read its value with the :attr:`nonce` attribute).
+ If not provided, for modes other than ``MODE_SIV``, a random
+ byte string of the recommended length is used (you must then
+ read its value with the :attr:`nonce` attribute).
- * **segment_size** (*integer*) --
- (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
- are segmented in. It must be a multiple of 8.
- If not specified, it will be assumed to be 8.
+ segment_size (integer):
+ (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
+ are segmented in. It must be a multiple of 8.
+ If not specified, it will be assumed to be 8.
- * **mac_len** : (*integer*) --
- (Only ``MODE_EAX``, ``MODE_GCM``, ``MODE_OCB``, ``MODE_CCM``)
- Length of the authentication tag, in bytes.
+ mac_len (integer):
+ (Only ``MODE_EAX``, ``MODE_GCM``, ``MODE_OCB``, ``MODE_CCM``)
+ Length of the authentication tag, in bytes.
- It must be even and in the range **[4..16]**.
- The recommended value (and the default, if not specified) is **16**.
+ It must be even and in the range **[4..16]**.
+ The recommended value (and the default, if not specified) is **16**.
- * **msg_len** : (*integer*) --
- (Only ``MODE_CCM``). Length of the message to (de)cipher.
- If not specified, ``encrypt`` must be called with the entire message.
- Similarly, ``decrypt`` can only be called once.
+ msg_len (integer):
+ (Only ``MODE_CCM``). Length of the message to (de)cipher.
+ If not specified, ``encrypt`` must be called with the entire message.
+ Similarly, ``decrypt`` can only be called once.
- * **assoc_len** : (*integer*) --
- (Only ``MODE_CCM``). Length of the associated data.
- If not specified, all associated data is buffered internally,
- which may represent a problem for very large messages.
+ assoc_len (integer):
+ (Only ``MODE_CCM``). Length of the associated data.
+ If not specified, all associated data is buffered internally,
+ which may represent a problem for very large messages.
- * **initial_value** : (*integer* or *bytes/bytearray/memoryview*) --
- (Only ``MODE_CTR``).
- The initial value for the counter. If not present, the cipher will
- start counting from 0. The value is incremented by one for each block.
- The counter number is encoded in big endian mode.
+ initial_value (integer or bytes/bytearray/memoryview):
+ (Only ``MODE_CTR``).
+ The initial value for the counter. If not present, the cipher will
+ start counting from 0. The value is incremented by one for each block.
+ The counter number is encoded in big endian mode.
- * **counter** : (*object*) --
- Instance of ``Cryptodome.Util.Counter``, which allows full customization
- of the counter block. This parameter is incompatible to both ``nonce``
- and ``initial_value``.
+ counter (object):
+ (Only ``MODE_CTR``).
+ Instance of ``Cryptodome.Util.Counter``, which allows full customization
+ of the counter block. This parameter is incompatible to both ``nonce``
+ and ``initial_value``.
- * **use_aesni** : (*boolean*) --
- Use Intel AES-NI hardware extensions (default: use if available).
+ use_aesni: (boolean):
+ Use Intel AES-NI hardware extensions (default: use if available).
- :Return: an AES object, of the applicable mode.
+ Returns:
+ an AES object, of the applicable mode.
"""
kwargs["add_aes_modes"] = True
return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
-MODE_ECB = 1
-MODE_CBC = 2
-MODE_CFB = 3
-MODE_OFB = 5
-MODE_CTR = 6
-MODE_OPENPGP = 7
-MODE_CCM = 8
-MODE_EAX = 9
-MODE_SIV = 10
-MODE_GCM = 11
-MODE_OCB = 12
-
# Size of a data block (in bytes)
block_size = 16
# Size of a key (in bytes)