Module: aead_aes_hmac

class doubleratchet.recommended.aead_aes_hmac.AEAD[source]

Bases: AEAD

An implementation of Authenticated Encryption with Associated Data using AES-256 in CBC mode, HKDF and HMAC with SHA-256 or SHA-512:

HKDF is used with SHA-256 or SHA-512 to generate 80 bytes of output. The HKDF salt is set to a zero-filled byte sequence equal to the digest size of the hash function. HKDF input key material is set to AEAD key. HKDF info is set to an application-specific byte sequence distinct from other uses of HKDF in the application.

The HKDF output is divided into a 32-byte encryption key, a 32-byte authentication key, and a 16-byte IV.

The plaintext is encrypted using AES-256 in CBC mode with PKCS#7 padding, using the encryption key and IV from the previous step.

HMAC is calculated using the authentication key and the same hash function as above. The HMAC input is the associated_data prepended to the ciphertext. The HMAC output is appended to the ciphertext.

abstractmethod static _get_hash_function()[source]

Return type:: HashFunction

abstractmethod static _get_info()[source]

Return type:: bytes

async classmethod encrypt(plaintext, key, associated_data)[source]

Parameters:

plaintext (bytes) – The plaintext to encrypt.
key (bytes) – The encryption key.
associated_data (bytes) – Additional data to authenticate without including it in the ciphertext.

Return type:

bytes

Returns:

The ciphertext.

async classmethod decrypt(ciphertext, key, associated_data)[source]

Parameters:

ciphertext (bytes) – The ciphertext to decrypt.
key (bytes) – The decryption key.
associated_data (bytes) – Additional data to authenticate without including it in the ciphertext.

Return type:

bytes

Returns:

The plaintext.

Raises:

AuthenticationFailedException – if the message could not be authenticated using the associated data.
DecryptionFailedException – if the decryption failed for a different reason (e.g. invalid padding).