Module: aead_aes_hmac
- class doubleratchet.recommended.aead_aes_hmac.AEAD
Bases: AEAD
An implementation of Authenticated Encryption with Associated Data using AES-256 in CBC mode, HKDF and HMAC with SHA-256 or SHA-512:
HKDF is used with SHA-256 or SHA-512 to generate 80 bytes of output. The HKDF salt is set to a zero-filled byte sequence whose length equals the digest size of the hash function. The HKDF input key material is set to the AEAD key. The HKDF info is set to an application-specific byte sequence distinct from other uses of HKDF in the application.
The HKDF output is divided into a 32-byte encryption key, a 32-byte authentication key, and a 16-byte IV.
The plaintext is encrypted using AES-256 in CBC mode with PKCS#7 padding, using the encryption key and IV from the previous step.
HMAC is calculated using the authentication key and the same hash function as above. The HMAC input is the associated_data prepended to the ciphertext. The HMAC output is appended to the ciphertext.
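The key-derivation and authentication steps above, as an added example using only the Python standard library (not the library's own code). The AES-CBC step is left out and a constructed byte string stands in for the ciphertext; the function names, the info string, and the split order (taken from the order in which the text lists the parts) are assumptions.

```python
import hashlib
import hmac

def hkdf_zero_salt(hash_name: str, ikm: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF with a zero-filled salt of the hash's digest size."""
    salt = b"\x00" * hashlib.new(hash_name).digest_size
    prk = hmac.new(salt, ikm, hash_name).digest()  # extract
    okm, block, counter = b"", b"", 1
    while len(okm) < length:  # expand: T(n) = HMAC(PRK, T(n-1) | info | n)
        block = hmac.new(prk, block + info + bytes([counter]), hash_name).digest()
        okm += block
        counter += 1
    return okm[:length]

def derive_keys(aead_key: bytes, info: bytes, hash_name: str = "sha256"):
    """80 bytes of HKDF output -> (encryption key, authentication key, IV)."""
    okm = hkdf_zero_salt(hash_name, aead_key, info, 80)
    # Assumption: the split follows the order in which the text lists the parts.
    return okm[:32], okm[32:64], okm[64:]

def append_tag(ciphertext, auth_key, associated_data, hash_name="sha256") -> bytes:
    """HMAC over associated_data || ciphertext, appended to the ciphertext."""
    tag = hmac.new(auth_key, associated_data + ciphertext, hash_name).digest()
    return ciphertext + tag

def verify_and_strip(message, auth_key, associated_data, hash_name="sha256") -> bytes:
    """Return the bare ciphertext if the tag matches, else raise ValueError."""
    tag_len = hashlib.new(hash_name).digest_size
    if len(message) < tag_len:
        raise ValueError("message shorter than the tag")
    ciphertext, tag = message[:-tag_len], message[-tag_len:]
    expected = hmac.new(auth_key, associated_data + ciphertext, hash_name).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("authentication failed")
    return ciphertext

# Constructed sample values, not taken from the library or any real session.
AEAD_KEY = bytes(range(32))
INFO = b"example-app AEAD"  # hypothetical application-specific info string
CIPHERTEXT = bytes(32)      # stands in for the AES-256-CBC output
AD = b"header-bytes"

if __name__ == "__main__":
    enc_key, auth_key, iv = derive_keys(AEAD_KEY, INFO)
    sealed = append_tag(CIPHERTEXT, auth_key, AD)
    print(len(enc_key), len(auth_key), len(iv), len(sealed))
    print(verify_and_strip(sealed, auth_key, AD) == CIPHERTEXT)
```

Checking the tag before any decryption means padding errors can only be reached by messages that already authenticated.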
- async classmethod encrypt(plaintext, key, associated_data)
- Parameters
plaintext (bytes) – The plaintext to encrypt.
key (bytes) – The encryption key.
associated_data (bytes) – Additional data to authenticate without including it in the ciphertext.
- Return type
bytes
- Returns
The ciphertext.
- async classmethod decrypt(ciphertext, key, associated_data)
- Parameters
ciphertext (bytes) – The ciphertext to decrypt.
key (bytes) – The decryption key.
associated_data (bytes) – Additional data to authenticate without including it in the ciphertext.
- Return type
bytes
- Returns
The plaintext.
- Raises
AuthenticationFailedException – if the message could not be authenticated using the associated data.
DecryptionFailedException – if the decryption failed for a different reason (e.g. invalid padding).