def aes_cbc_dec(aesKey, bsEncMsg, bsMacMsg):
'''
AuthenticatedEncryption - Check mac then decrypt given encrypted message.
'''
### Prepare for mac
sha256 = SHA256()
hmac = HMAC(aesKey, sha256, default_backend())
### do mac
hmac.update(bsEncMsg)
macMsg = hmac.finalize()
if (macMsg != bsMacMsg):
raise Exception("ERRR:AEDecrypt:Mismatch, skipping")
return None
### Prepare for decryption
blockLen = 16
iv = os.urandom(blockLen)
aes = AES(aesKey)
cbc = CBC(iv)
aesCbc = Cipher(aes, cbc, default_backend())
aesCbcDec = aesCbc.decryptor()
### do decrypt
decMsg = aesCbcDec.update(bsEncMsg)
decFina = aesCbcDec.finalize()
decMsg = decMsg + decFina
# do pkcs7 depadding
unpad = PKCS7(blockLen * 8).unpadder()
decMsg = unpad.update(decMsg)
decMsg += unpad.finalize()
# Discard the initial random block, as corresponding enc and this dec uses
# non communicated random iv and inturn discardable random 0th block
decMsg = decMsg[blockLen:]
return decMsg
def aes_decrypt(data, iv, key):
cipher = Cipher(AES(key), CBC(iv), default_backend())
decryptor = cipher.decryptor()
plain_text = decryptor.update(data) + decryptor.finalize()
padding = plain_text[len(plain_text) - 1]
return plain_text[:len(plain_text) - padding]
