def encrypt(key, data, salt=None):
"""encrypts data using AES algorithm in CBC mode with the given key.
Input:
key: byte string of length (16, 24, 32)
data: byte string containing data to be encrypted
padding is used to meet convert data into AES blocksize (16)
salt: (optional) byte string of length 16
Output:
byte string of IV + cipher_text
Raises:
TypeError:
ValueError:
"""
if not type(key) == bytes == type(data):
raise TypeError("Key/data must be of type bytes")
if len(key) not in AES.key_size:
raise ValueError("key must be of length (16, 24, 32) bytes")
data = PAD(data)
if not salt:
salt = util.generate_random_bytes(AES.block_size)
encrypter = AES.new(key, AES.MODE_CBC, salt)
return salt + encrypter.encrypt(data)
def generate_hash(key, iterations, salt=None, length=None, hash_function="SHA512"):
"""Generates a key based on pass_phrase using PBKDF2 with default hash function of SHA512
Input:
key: byte string based on which hash will be generated
iterations: Number of times hash_function is applied
salt: byte string to randomize hash generation
length: length of output hash (default being the length of hash function)
hash_function: function that is able to generate hash i.e. sha128, sha256 (default: sha512)
Output:
byte string
Raises:
TypeError:
"""
if not type(key) == bytes:
raise TypeError("Key must be of type bytes")
hash_function = "SHA512"
if not salt:
salt = util.generate_random_bytes(32)
return hashlib.pbkdf2_hmac(hash_function, key, salt, iterations, dklen=length)
def test_rng_length(self):
"""Test that length return by rng is as required"""
for length in self.lengths:
generated = util.generate_random_bytes(length)
self.assertEqual(length, len(generated))
