コード例 #1
0
def new(key, mode, salt, cost, invert):
    """Create a new EKSBlowfish cipher
    
    Args:

      key (bytes, bytearray, memoryview):
        The secret key to use in the symmetric cipher.
        Its length can vary from 0 to 72 bytes.

      mode (one of the supported ``MODE_*`` constants):
        The chaining mode to use for encryption or decryption.

      salt (bytes, bytearray, memoryview):
        The salt that bcrypt uses to thwart rainbow table attacks

      cost (integer):
        The complexity factor in bcrypt

      invert (bool):
        If ``False``, in the inner loop use ``ExpandKey`` first over the salt
        and then over the key, as defined in
        the `original bcrypt specification <https://www.usenix.org/legacy/events/usenix99/provos/provos_html/node4.html>`_.
        If ``True``, reverse the order, as in the first implementation of
        `bcrypt` in OpenBSD.

    :Return: an EKSBlowfish object
    """

    kwargs = {'salt': salt, 'cost': cost, 'invert': invert}
    return _create_cipher(sys.modules[__name__], key, mode, **kwargs)
コード例 #2
0
def new(key, mode, *args, **kwargs):
    """Create a new RC2 cipher.

    :param key:
        The secret key to use in the symmetric cipher.
        Its length can vary from 5 to 128 bytes.
    :type key: byte string

    :param mode:
        The chaining mode to use for encryption or decryption.
    :type mode: One of the supported ``MODE_*`` constants

    :Keyword Arguments:
        *   *iv* (``byte string``) --
            (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
            and ``MODE_OPENPGP`` modes).

            The initialization vector to use for encryption or decryption.

            For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 8 bytes long.

            For ``MODE_OPENPGP`` mode only,
            it must be 8 bytes long for encryption
            and 10 bytes for decryption (in the latter case, it is
            actually the *encrypted* IV which was prefixed to the ciphertext).

            If not provided, a random byte string is generated (you must then
            read its value with the :attr:`iv` attribute).

        *   *nonce* (``byte string``) --
            (Only applicable for ``MODE_EAX`` and ``MODE_CTR``).

            A value that must never be reused for any other encryption done
            with this key.

            For ``MODE_EAX`` there are no
            restrictions on its length (recommended: **16** bytes).

            For ``MODE_CTR``, its length must be in the range **[0..7]**.

            If not provided for ``MODE_EAX``, a random byte string is generated (you
            can read it back via the ``nonce`` attribute).

        *   *segment_size* (``integer``) --
            (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
            are segmented in. It must be a multiple of 8.
            If not specified, it will be assumed to be 8.

        *   *mac_len* : (``integer``) --
            (Only ``MODE_EAX``)
            Length of the authentication tag, in bytes.
            It must be no longer than 8 (default).

        *   *initial_value* : (``integer``) --
            (Only ``MODE_CTR``). The initial value for the counter within
            the counter block. By default it is **0**.

    :Return: an ARC2 object, of the applicable mode.
    """

    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
コード例 #3
0
def new(key, mode, *args, **kwargs):
    """Create a new TDES cipher

    :Parameters:
      key : byte string
        The secret key to use in the symmetric cipher.
        It must be 16 or 24 bytes long. The parity bits will be ignored.
        The condition K1 != K2 != K3 must hold.

      mode : a *MODE_** constant
        The chaining mode to use for encryption or decryption.

    :Keywords:
      iv : byte string
        (*Only* `MODE_CBC`, `MODE_CFB`, `MODE_OFB`, `MODE_OPENPGP`).

        The initialization vector to use for encryption or decryption.

        For `MODE_OPENPGP`, IV must be 8 bytes long for encryption
        and 10 bytes for decryption (in the latter case, it is
        actually the *encrypted* IV which was prefixed to the ciphertext).

        For all other modes, it must be 8 bytes long.

        If not provided, a random byte string will be generated (you can read
        it back via the ``iv`` attribute).

      nonce : byte string
        (*Only* `MODE_EAX` and `MODE_CTR`)
        A value that must never be reused for any other encryption.

        For `MODE_CTR`, its length must be in the range ``[0..7]``.

        For `MODE_EAX`, there are no restrictions, but it is recommended to
        use at least 16 bytes.

        If not provided for `MODE_EAX`, a random 16 byte string is generated
        (you can read it back via the ``nonce`` attribute).

      mac_len : integer
        (*Only* `MODE_EAX`). Length of the authentication tag, in bytes.
        It must be no larger than 8 (which is the default).

      segment_size : integer
        (*Only* `MODE_CFB`).The number of **bits** the plaintext and ciphertext
        are segmented in. It must be a multiple of 8.
        If not specified, it will be assumed to be 8.

      initial_value : integer
        (*Only* `MODE_CTR`). The initial value for the counter within
        the counter block. By default it is 0.

    :Attention: it is important that all 8 byte subkeys are different,
      otherwise TDES would degrade to single `DES`.

    :Raise ValueError:
      when the key degrades to Single DES.

    :Return: a DES cipher object, of the applicable mode:

        - CBC_ mode
        - CFB_ mode
        - CTR_ mode
        - EAX_ mode
        - ECB_ mode
        - OFB_ mode
        - OpenPgp_ mode

    .. _CBC: Cryptodome.Cipher._mode_cbc.CbcMode-class.html
    .. _CFB: Cryptodome.Cipher._mode_cfb.CfbMode-class.html
    .. _CTR: Cryptodome.Cipher._mode_ctr.CtrMode-class.html
    .. _EAX: Cryptodome.Cipher._mode_eax.EaxMode-class.html
    .. _ECB: Cryptodome.Cipher._mode_ecb.EcbMode-class.html
    .. _OFB: Cryptodome.Cipher._mode_ofb.OfbMode-class.html
    .. _OpenPgp: Cryptodome.Cipher._mode_openpgp.OpenPgpMode-class.html
    """

    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
コード例 #4
0
ファイル: CAST.py プロジェクト: 2216288075/meiduo_project
def new(key, mode, *args, **kwargs):
    """Create a new CAST cipher

    :param key:
        The secret key to use in the symmetric cipher.
        Its length can vary from 5 to 16 bytes.
    :type key: bytes, bytearray, memoryview

    :param mode:
        The chaining mode to use for encryption or decryption.
    :type mode: One of the supported ``MODE_*`` constants

    :Keyword Arguments:
        *   **iv** (*bytes*, *bytearray*, *memoryview*) --
            (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
            and ``MODE_OPENPGP`` modes).

            The initialization vector to use for encryption or decryption.

            For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 8 bytes long.

            For ``MODE_OPENPGP`` mode only,
            it must be 8 bytes long for encryption
            and 10 bytes for decryption (in the latter case, it is
            actually the *encrypted* IV which was prefixed to the ciphertext).

            If not provided, a random byte string is generated (you must then
            read its value with the :attr:`iv` attribute).

        *   **nonce** (*bytes*, *bytearray*, *memoryview*) --
            (Only applicable for ``MODE_EAX`` and ``MODE_CTR``).

            A value that must never be reused for any other encryption done
            with this key.

            For ``MODE_EAX`` there are no
            restrictions on its length (recommended: **16** bytes).

            For ``MODE_CTR``, its length must be in the range **[0..7]**.

            If not provided for ``MODE_EAX``, a random byte string is generated (you
            can read it back via the ``nonce`` attribute).

        *   **segment_size** (*integer*) --
            (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
            are segmented in. It must be a multiple of 8.
            If not specified, it will be assumed to be 8.

        *   **mac_len** : (*integer*) --
            (Only ``MODE_EAX``)
            Length of the authentication tag, in bytes.
            It must be no longer than 8 (default).

        *   **initial_value** : (*integer*) --
            (Only ``MODE_CTR``). The initial value for the counter within
            the counter block. By default it is **0**.

    :Return: a CAST object, of the applicable mode.
    """

    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
コード例 #5
0
def new(key, mode, *args, **kwargs):
    """Create a new Blowfish cipher

    :Parameters:
      key : byte string
        The secret key to use in the symmetric cipher.
        Its length can vary from 5 to 56 bytes.

      mode : a *MODE_** constant
        The chaining mode to use for encryption or decryption.

    :Keywords:
      iv : byte string
        (*Only* `MODE_CBC`, `MODE_CFB`, `MODE_OFB`, `MODE_OPENPGP`).

        The initialization vector to use for encryption or decryption.

        For `MODE_OPENPGP`, IV must be 8 bytes long for encryption
        and 10 bytes for decryption (in the latter case, it is
        actually the *encrypted* IV which was prefixed to the ciphertext).

        For all other modes, it must be 8 bytes long.

        If not provided, a random byte string will be generated (you must
        read it back via the ``iv`` attribute).

      nonce : byte string
        (*Only* `MODE_EAX` and `MODE_CTR`).
        A value that must never be reused for any other encryption.

        For `MODE_CTR`, its length must be in the range ``[0..7]``.

        For `MODE_EAX`, there are no restrictions, but it is recommended to
        use at least 16 bytes.

        If not provided for `MODE_EAX`, a 16 byte random string will be used
        (you can read it back via the ``nonce`` attribute).

      mac_len : integer
        (*Only* `MODE_EAX`). Length of the authentication tag, in bytes.
        It must be no larger than 8 (which is the default).

      segment_size : integer
        (*Only* `MODE_CFB`).The number of bits the plaintext and ciphertext
        are segmented in. It must be a multiple of 8.
        If not specified, it will be assumed to be 8.

      initial_value : integer
        (*Only* `MODE_CTR`). The initial value for the counter within
        the counter block. By default it is 0.

    :Return: a Blowfish cipher object, of the applicable mode:

        - CBC_ mode
        - CFB_ mode
        - CTR_ mode
        - EAX_ mode
        - ECB_ mode
        - OFB_ mode
        - OpenPgp_ mode

    .. _CBC: Cryptodome.Cipher._mode_cbc.CbcMode-class.html
    .. _CFB: Cryptodome.Cipher._mode_cfb.CfbMode-class.html
    .. _CTR: Cryptodome.Cipher._mode_ctr.CtrMode-class.html
    .. _EAX: Cryptodome.Cipher._mode_eax.EaxMode-class.html
    .. _ECB: Cryptodome.Cipher._mode_ecb.EcbMode-class.html
    .. _OFB: Cryptodome.Cipher._mode_ofb.OfbMode-class.html
    .. _OpenPgp: Cryptodome.Cipher._mode_openpgp.OpenPgpMode-class.html
    """

    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
コード例 #6
0
def new(key, mode, *args, **kwargs):
    """Create a new RC2 cipher

    :Parameters:
      key : byte string
        The secret key to use in the symmetric cipher.
        Its length can vary from 5 to 128 bytes.

      mode : a *MODE_** constant
        The chaining mode to use for encryption or decryption.

    :Keywords:
      iv : byte string
        (*Only* `MODE_CBC`, `MODE_CFB`, `MODE_OFB`, `MODE_OPENPGP`).

        The initialization vector to use for encryption or decryption.

        For `MODE_OPENPGP`, IV must be 8 bytes long for encryption
        and 10 bytes for decryption (in the latter case, it is
        actually the *encrypted* IV which was prefixed to the ciphertext).

        For all other modes, it must be 8 bytes long.

        If not provided, a random byte string will be generated (you
        must read it back via the ``iv`` attribute of the cipher).

      nonce : byte string
        (*Only* `MODE_EAX` and `MODE_CTR`).
        A value that must never be reused for any other encryption done with
        this key.

        For `MODE_CTR`, its length must be in the range ``[0..7]``.

        For `MODE_EAX`, there are no restrictions, but it is recommended to
        use at least 16 bytes.

        If not provided for `MODE_EAX`, a random byte string will be
        generated (you must read it back via the ``nonce`` attribute
        of the cipher).

      mac_len : integer
        (*Only* `MODE_EAX`). Length of the authentication tag, in bytes.
        It must be no larger than 8 (which is the default).

      segment_size : integer
        (*Only* `MODE_CFB`).
        The number of **bits** the plaintext and ciphertext are segmented in.
        It must be a multiple of 8. If not specified,
        it will be assumed to be 8.

      initial_value : integer
        (*Only* `MODE_CTR`). The initial value for the counter within
        the counter block. By default it is 0.

      effective_keylen : integer
        Maximum cryptographic strength of the key, in **bits**.
        It can vary from 40 to 1024. The default value is 1024.

    :Return: an RC2 cipher object, of the applicable mode:

        - CBC_ mode
        - CFB_ mode
        - CTR_ mode
        - EAX_ mode
        - ECB_ mode
        - OFB_ mode
        - OpenPgp_ mode

    .. _CBC: Cryptodome.Cipher._mode_cbc.CbcMode-class.html
    .. _CFB: Cryptodome.Cipher._mode_cfb.CfbMode-class.html
    .. _CTR: Cryptodome.Cipher._mode_ctr.CtrMode-class.html
    .. _EAX: Cryptodome.Cipher._mode_eax.EaxMode-class.html
    .. _ECB: Cryptodome.Cipher._mode_ecb.EcbMode-class.html
    .. _OFB: Cryptodome.Cipher._mode_ofb.OfbMode-class.html
    .. _OpenPgp: Cryptodome.Cipher._mode_openpgp.OpenPgpMode-class.html

    """

    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
コード例 #7
0
def new(key, mode, *args, **kwargs):
    """Create a new AES cipher.

    :param key:
        The secret key to use in the symmetric cipher.

        It must be 16, 24 or 32 bytes long (respectively for *AES-128*,
        *AES-192* or *AES-256*).

        For ``MODE_SIV`` only, it doubles to 32, 48, or 64 bytes.
    :type key: bytes/bytearray/memoryview

    :param mode:
        The chaining mode to use for encryption or decryption.
        If in doubt, use ``MODE_EAX``.
    :type mode: One of the supported ``MODE_*`` constants

    :Keyword Arguments:
        *   **iv** (*bytes*, *bytearray*, *memoryview*) --
            (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
            and ``MODE_OPENPGP`` modes).

            The initialization vector to use for encryption or decryption.

            For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 16 bytes long.

            For ``MODE_OPENPGP`` mode only,
            it must be 16 bytes long for encryption
            and 18 bytes for decryption (in the latter case, it is
            actually the *encrypted* IV which was prefixed to the ciphertext).

            If not provided, a random byte string is generated (you must then
            read its value with the :attr:`iv` attribute).

        *   **nonce** (*bytes*, *bytearray*, *memoryview*) --
            (Only applicable for ``MODE_CCM``, ``MODE_EAX``, ``MODE_GCM``,
            ``MODE_SIV``, ``MODE_OCB``, and ``MODE_CTR``).

            A value that must never be reused for any other encryption done
            with this key (except possibly for ``MODE_SIV``, see below).

            For ``MODE_EAX``, ``MODE_GCM`` and ``MODE_SIV`` there are no
            restrictions on its length (recommended: **16** bytes).

            For ``MODE_CCM``, its length must be in the range **[7..13]**.
            Bear in mind that with CCM there is a trade-off between nonce
            length and maximum message size. Recommendation: **11** bytes.

            For ``MODE_OCB``, its length must be in the range **[1..15]**
            (recommended: **15**).

            For ``MODE_CTR``, its length must be in the range **[0..15]**
            (recommended: **8**).

            For ``MODE_SIV``, the nonce is optional, if it is not specified,
            then no nonce is being used, which renders the encryption
            deterministic.

            If not provided, for modes other than ``MODE_SIV```, a random
            byte string of the recommended length is used (you must then
            read its value with the :attr:`nonce` attribute).

        *   **segment_size** (*integer*) --
            (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
            are segmented in. It must be a multiple of 8.
            If not specified, it will be assumed to be 8.

        *   **mac_len** : (*integer*) --
            (Only ``MODE_EAX``, ``MODE_GCM``, ``MODE_OCB``, ``MODE_CCM``)
            Length of the authentication tag, in bytes.

            It must be even and in the range **[4..16]**.
            The recommended value (and the default, if not specified) is **16**.

        *   **msg_len** : (*integer*) --
            (Only ``MODE_CCM``). Length of the message to (de)cipher.
            If not specified, ``encrypt`` must be called with the entire message.
            Similarly, ``decrypt`` can only be called once.

        *   **assoc_len** : (*integer*) --
            (Only ``MODE_CCM``). Length of the associated data.
            If not specified, all associated data is buffered internally,
            which may represent a problem for very large messages.

        *   **initial_value** : (*integer* or *bytes/bytearray/memoryview*) --
            (Only ``MODE_CTR``).
            The initial value for the counter. If not present, the cipher will
            start counting from 0. The value is incremented by one for each block.
            The counter number is encoded in big endian mode.

        *   **counter** : (*object*) --
            Instance of ``Cryptodome.Util.Counter``, which allows full customization
            of the counter block. This parameter is incompatible to both ``nonce``
            and ``initial_value``.

        *   **use_aesni** : (*boolean*) --
            Use Intel AES-NI hardware extensions (default: use if available).

    :Return: an AES object, of the applicable mode.
    """

    kwargs["add_aes_modes"] = True
    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
コード例 #8
0
ファイル: AES.py プロジェクト: chevah/python-package
def new(key, mode, *args, **kwargs):
    """Create a new AES cipher.

    :param key:
        The secret key to use in the symmetric cipher.

        It must be 16, 24 or 32 bytes long (respectively for *AES-128*,
        *AES-192* or *AES-256*).

        For ``MODE_SIV`` only, it doubles to 32, 48, or 64 bytes.
    :type key: bytes/bytearray/memoryview

    :param mode:
        The chaining mode to use for encryption or decryption.
        If in doubt, use ``MODE_EAX``.
    :type mode: One of the supported ``MODE_*`` constants

    :Keyword Arguments:
        *   **iv** (*bytes*, *bytearray*, *memoryview*) --
            (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
            and ``MODE_OPENPGP`` modes).

            The initialization vector to use for encryption or decryption.

            For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 16 bytes long.

            For ``MODE_OPENPGP`` mode only,
            it must be 16 bytes long for encryption
            and 18 bytes for decryption (in the latter case, it is
            actually the *encrypted* IV which was prefixed to the ciphertext).

            If not provided, a random byte string is generated (you must then
            read its value with the :attr:`iv` attribute).

        *   **nonce** (*bytes*, *bytearray*, *memoryview*) --
            (Only applicable for ``MODE_CCM``, ``MODE_EAX``, ``MODE_GCM``,
            ``MODE_SIV``, ``MODE_OCB``, and ``MODE_CTR``).

            A value that must never be reused for any other encryption done
            with this key (except possibly for ``MODE_SIV``, see below).

            For ``MODE_EAX``, ``MODE_GCM`` and ``MODE_SIV`` there are no
            restrictions on its length (recommended: **16** bytes).

            For ``MODE_CCM``, its length must be in the range **[7..13]**.
            Bear in mind that with CCM there is a trade-off between nonce
            length and maximum message size. Recommendation: **11** bytes.

            For ``MODE_OCB``, its length must be in the range **[1..15]**
            (recommended: **15**).

            For ``MODE_CTR``, its length must be in the range **[0..15]**
            (recommended: **8**).
            
            For ``MODE_SIV``, the nonce is optional, if it is not specified,
            then no nonce is being used, which renders the encryption
            deterministic.

            If not provided, for modes other than ``MODE_SIV```, a random
            byte string of the recommended length is used (you must then
            read its value with the :attr:`nonce` attribute).

        *   **segment_size** (*integer*) --
            (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
            are segmented in. It must be a multiple of 8.
            If not specified, it will be assumed to be 8.

        *   **mac_len** : (*integer*) --
            (Only ``MODE_EAX``, ``MODE_GCM``, ``MODE_OCB``, ``MODE_CCM``)
            Length of the authentication tag, in bytes.

            It must be even and in the range **[4..16]**.
            The recommended value (and the default, if not specified) is **16**.

        *   **msg_len** : (*integer*) --
            (Only ``MODE_CCM``). Length of the message to (de)cipher.
            If not specified, ``encrypt`` must be called with the entire message.
            Similarly, ``decrypt`` can only be called once.

        *   **assoc_len** : (*integer*) --
            (Only ``MODE_CCM``). Length of the associated data.
            If not specified, all associated data is buffered internally,
            which may represent a problem for very large messages.

        *   **initial_value** : (*integer*) --
            (Only ``MODE_CTR``). The initial value for the counter within
            the counter block. By default it is **0**.

        *   **use_aesni** : (*boolean*) --
            Use Intel AES-NI hardware extensions (default: use if available).

    :Return: an AES object, of the applicable mode.
    """

    kwargs["add_aes_modes"] = True
    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
コード例 #9
0
ファイル: AES.py プロジェクト: riser101/project-heights
def new(key, mode, *args, **kwargs):
    """Create a new AES cipher

    :Parameters:
      key : byte string
        The secret key to use in the symmetric cipher.
        It must be 16 (*AES-128*), 24 (*AES-192*), or 32 (*AES-256*)
        bytes long.

        Only in `MODE_SIV`, it needs to be 32, 48, or 64 bytes long.

      mode : a *MODE_** constant
        The chaining mode to use for encryption or decryption.
        If in doubt, use `MODE_EAX`.

    :Keywords:
      iv : byte string
        (*Only* `MODE_CBC`, `MODE_CFB`, `MODE_OFB`, `MODE_OPENPGP`).

        The initialization vector to use for encryption or decryption.

        For `MODE_OPENPGP`, it must be 16 bytes long for encryption
        and 18 bytes for decryption (in the latter case, it is
        actually the *encrypted* IV which was prefixed to the ciphertext).

        For all other modes, it must be 16 bytes long.

        In not provided, a random byte string is used (you must then
        read its value with the ``iv`` attribute).

      nonce : byte string
        (*Only* `MODE_CCM`, `MODE_EAX`, `MODE_GCM`, `MODE_SIV`, `MODE_OCB`,
        `MODE_CTR`).

        A value that must never be reused for any other encryption done
        with this key.

        For `MODE_CCM`, its length must be in the range ``[7..13]``.
        Bear in mind that with CCM there is a trade-off between nonce
        length and maximum message size.

        For `MODE_OCB`, its length must be in the range ``[1..15]``.

        For `MODE_CTR`, its length must be in the range ``[0..15]``.

        For the other modes, there are no restrictions on its length.

        The recommended length depends on the mode: 8 bytes for `MODE_CTR`,
        11 bytes for `MODE_CCM`, 15 bytes for `MODE_OCB` and 16 bytes
        for the remaining modes.

        In not provided, a random byte string of the recommended
        length is used (you must then read its value with the ``nonce`` attribute).

      segment_size : integer
        (*Only* `MODE_CFB`).The number of **bits** the plaintext and ciphertext
        are segmented in. It must be a multiple of 8.
        If not specified, it will be assumed to be 8.

      mac_len : integer
        (*Only* `MODE_EAX`, `MODE_GCM`, `MODE_OCB`, `MODE_CCM`)
        Length of the authentication tag, in bytes.

        It must be even and in the range ``[4..16]``.
        The recommended value (and the default, if not specified) is 16.

      msg_len : integer
        (*Only* `MODE_CCM`). Length of the message to (de)cipher.
        If not specified, ``encrypt`` must be called with the entire message.
        Similarly, ``decrypt`` can only be called once.

      assoc_len : integer
        (*Only* `MODE_CCM`). Length of the associated data.
        If not specified, all associated data is buffered internally,
        which may represent a problem for very large messages.

      initial_value : integer
        (*Only* `MODE_CTR`). The initial value for the counter within
        the counter block. By default it is 0.

      use_aesni : boolean
        Use Intel AES-NI hardware extensions if available.

    :Return: an AES object, of the applicable mode:

        - CBC_ mode
        - CCM_ mode
        - CFB_ mode
        - CTR_ mode
        - EAX_ mode
        - ECB_ mode
        - GCM_ mode
        - OCB_ mode
        - OFB_ mode
        - OpenPgp_ mode
        - SIV_ mode

    .. _CBC: Cryptodome.Cipher._mode_cbc.CbcMode-class.html
    .. _CCM: Cryptodome.Cipher._mode_ccm.CcmMode-class.html
    .. _CFB: Cryptodome.Cipher._mode_cfb.CfbMode-class.html
    .. _CTR: Cryptodome.Cipher._mode_ctr.CtrMode-class.html
    .. _EAX: Cryptodome.Cipher._mode_eax.EaxMode-class.html
    .. _ECB: Cryptodome.Cipher._mode_ecb.EcbMode-class.html
    .. _GCM: Cryptodome.Cipher._mode_gcm.GcmMode-class.html
    .. _OCB: Cryptodome.Cipher._mode_ocb.OcbMode-class.html
    .. _OFB: Cryptodome.Cipher._mode_ofb.OfbMode-class.html
    .. _OpenPgp: Cryptodome.Cipher._mode_openpgp.OpenPgpMode-class.html
    .. _SIV: Cryptodome.Cipher._mode_siv.SivMode-class.html
    """

    kwargs["add_aes_modes"] = True
    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
コード例 #10
0
def new(key, mode, *args, **kwargs):
    """Create a new AES cipher

    :Parameters:
      key : byte string
        The secret key to use in the symmetric cipher.
        It must be 16 (*AES-128*), 24 (*AES-192*), or 32 (*AES-256*)
        bytes long.

        Only in `MODE_SIV`, it needs to be 32, 48, or 64 bytes long.

      mode : a *MODE_** constant
        The chaining mode to use for encryption or decryption.
        If in doubt, use `MODE_EAX`.

    :Keywords:
      iv : byte string
        (*Only* `MODE_CBC`, `MODE_CFB`, `MODE_OFB`, `MODE_OPENPGP`).

        The initialization vector to use for encryption or decryption.

        For `MODE_OPENPGP`, it must be 16 bytes long for encryption
        and 18 bytes for decryption (in the latter case, it is
        actually the *encrypted* IV which was prefixed to the ciphertext).

        For all other modes, it must be 16 bytes long.

        In not provided, a random byte string is used (you must then
        read its value with the ``iv`` attribute).

      nonce : byte string
        (*Only* `MODE_CCM`, `MODE_EAX`, `MODE_GCM`, `MODE_SIV`, `MODE_OCB`,
        `MODE_CTR`).

        A value that must never be reused for any other encryption done
        with this key.

        For `MODE_CCM`, its length must be in the range ``[7..13]``.
        Bear in mind that with CCM there is a trade-off between nonce
        length and maximum message size.

        For `MODE_OCB`, its length must be in the range ``[1..15]``.

        For `MODE_CTR`, its length must be in the range ``[0..15]``.

        For the other modes, there are no restrictions on its length.

        The recommended length depends on the mode: 8 bytes for `MODE_CTR`,
        11 bytes for `MODE_CCM`, 15 bytes for `MODE_OCB` and 16 bytes
        for the remaining modes.

        In not provided, a random byte string of the recommended
        length is used (you must then read its value with the ``nonce`` attribute).

      segment_size : integer
        (*Only* `MODE_CFB`).The number of **bits** the plaintext and ciphertext
        are segmented in. It must be a multiple of 8.
        If not specified, it will be assumed to be 8.

      mac_len : integer
        (*Only* `MODE_EAX`, `MODE_GCM`, `MODE_OCB`, `MODE_CCM`)
        Length of the authentication tag, in bytes.

        It must be even and in the range ``[4..16]``.
        The recommended value (and the default, if not specified) is 16.

      msg_len : integer
        (*Only* `MODE_CCM`). Length of the message to (de)cipher.
        If not specified, ``encrypt`` must be called with the entire message.
        Similarly, ``decrypt`` can only be called once.

      assoc_len : integer
        (*Only* `MODE_CCM`). Length of the associated data.
        If not specified, all associated data is buffered internally,
        which may represent a problem for very large messages.

      initial_value : integer
        (*Only* `MODE_CTR`). The initial value for the counter within
        the counter block. By default it is 0.

      use_aesni : boolean
        Use Intel AES-NI hardware extensions if available.

    :Return: an AES object, of the applicable mode:

        - CBC_ mode
        - CCM_ mode
        - CFB_ mode
        - CTR_ mode
        - EAX_ mode
        - ECB_ mode
        - GCM_ mode
        - OCB_ mode
        - OFB_ mode
        - OpenPgp_ mode
        - SIV_ mode

    .. _CBC: Cryptodome.Cipher._mode_cbc.CbcMode-class.html
    .. _CCM: Cryptodome.Cipher._mode_ccm.CcmMode-class.html
    .. _CFB: Cryptodome.Cipher._mode_cfb.CfbMode-class.html
    .. _CTR: Cryptodome.Cipher._mode_ctr.CtrMode-class.html
    .. _EAX: Cryptodome.Cipher._mode_eax.EaxMode-class.html
    .. _ECB: Cryptodome.Cipher._mode_ecb.EcbMode-class.html
    .. _GCM: Cryptodome.Cipher._mode_gcm.GcmMode-class.html
    .. _OCB: Cryptodome.Cipher._mode_ocb.OcbMode-class.html
    .. _OFB: Cryptodome.Cipher._mode_ofb.OfbMode-class.html
    .. _OpenPgp: Cryptodome.Cipher._mode_openpgp.OpenPgpMode-class.html
    .. _SIV: Cryptodome.Cipher._mode_siv.SivMode-class.html
    """

    kwargs["add_aes_modes"] = True
    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)