8002749462

Committed 22 Feb 2024 10:07AM UTC coverage: 88.482%. First build

Build # 8002749462

Build Type

push

github

Committed by

Synss

Commit Message

pk: Track cipher content internally

mbedtls-3.x

Run Details

2704 of 3056 relevant lines covered (88.48%)

0.88 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

91.67

/src/mbedtls/cipher/AES.py

# SPDX-License-Identifier: MIT
# Copyright (c) 2016, Elaborated Networks GmbH
# Copyright (c) 2019, Mathias Laurin

"""Advanced Encryption Standard (AES) cipher established by the U.S.
NIST in 2001.

"""

from __future__ import annotations

from typing import Final, Literal, Optional, Union, overload

from mbedtls.exceptions import TLSError

from ._cipher import AEADCipher, Cipher, Mode

__all__ = ["block_size", "key_size", "new"]


block_size: Final = 16
key_size: Final = None


@overload
def new(
    key: bytes,
    mode: Literal[Mode.CCM, Mode.GCM],
    iv: Optional[bytes] = ...,
    ad: Optional[bytes] = ...,
) -> AEADCipher: ...


@overload
def new(
    key: bytes,
    mode: Literal[Mode.CBC, Mode.CFB, Mode.CTR, Mode.ECB, Mode.OFB, Mode.XTS],
    iv: Optional[bytes] = ...,
) -> Cipher: ...


def new(
    key: bytes,
    mode: Union[Mode, int],
    iv: Optional[bytes] = None,
    ad: Optional[bytes] = None,
) -> Union[AEADCipher, Cipher]:
    """Return a `Cipher` object that can perform AES encryption and
    decryption.

    Advanced Encryption Standard (AES) cipher established by the U.S.
    NIST in 2001.

    Parameters:
        key: The key to encrypt decrypt.  If None,
            encryption and decryption are unavailable.
        mode: The mode of operation of the cipher.
        iv: The initialization vector (IV).  The IV is
            required for every mode but ECB and CTR where it is ignored.
            If not set, the IV is initialized to all 0, which should not
            be used for encryption.

    """
    mode_ = Mode(mode)
    if mode_ in {
        Mode.CBC,
        Mode.CCM,
        Mode.CFB,
        Mode.CTR,
        Mode.ECB,
        Mode.GCM,
        Mode.OFB,
    }:
        if len(key) not in {16, 24, 32}:
            raise TLSError(
                msg="key size must 16, 24, or 32 bytes, got %i" % len(key)
            )
    elif mode_ is Mode.XTS:
        if len(key) not in {32, 64}:
            raise TLSError(
                msg="key size must 32, or 64 bytes, got %i" % len(key)
            )
    else:
        raise TLSError(msg="unsupported mode %r" % mode_)
    if mode_ is Mode.XTS:
        name = ("AES-%i-%s" % (len(key) * 4, mode_.name)).encode("ascii")
    else:
        name = (
            "AES-%i-%s%s"
            % (
                len(key) * 8,
                mode_.name,
                "128" if mode_ is Mode.CFB else "",
            )
        ).encode("ascii")
    if mode_ in {Mode.GCM, Mode.CCM}:
        return AEADCipher(name, key, mode_, iv, ad)
    return Cipher(name, key, mode_, iv)

1	# SPDX-License-Identifier: MIT
2	# Copyright (c) 2016, Elaborated Networks GmbH
3	# Copyright (c) 2019, Mathias Laurin
4
5	"""Advanced Encryption Standard (AES) cipher established by the U.S.	1✔
6	NIST in 2001.
7
8	"""
9
10	from __future__ import annotations	1✔
11
12	from typing import Final, Literal, Optional, Union, overload
13
14	from mbedtls.exceptions import TLSError	1✔
15
16	from ._cipher import AEADCipher, Cipher, Mode	1✔
17
18	__all__ = ["block_size", "key_size", "new"]	1✔
19
20
21	block_size: Final = 16	1✔
22	key_size: Final = None	1✔
23
24
25	@overload	1✔
26	def new(
27	key: bytes,
28	mode: Literal[Mode.CCM, Mode.GCM],
29	iv: Optional[bytes] = ...,
30	ad: Optional[bytes] = ...,
31	) -> AEADCipher: ...
32
33
34	@overload	1✔
35	def new(
36	key: bytes,
37	mode: Literal[Mode.CBC, Mode.CFB, Mode.CTR, Mode.ECB, Mode.OFB, Mode.XTS],
38	iv: Optional[bytes] = ...,
39	) -> Cipher: ...
40
41
42	def new(	1✔
43	key: bytes,
44	mode: Union[Mode, int],
45	iv: Optional[bytes] = None,
46	ad: Optional[bytes] = None,
47	) -> Union[AEADCipher, Cipher]:
48	"""Return a `Cipher` object that can perform AES encryption and
49	decryption.
50
51	Advanced Encryption Standard (AES) cipher established by the U.S.
52	NIST in 2001.
53
54	Parameters:
55	key: The key to encrypt decrypt. If None,
56	encryption and decryption are unavailable.
57	mode: The mode of operation of the cipher.
58	iv: The initialization vector (IV). The IV is
59	required for every mode but ECB and CTR where it is ignored.
60	If not set, the IV is initialized to all 0, which should not
61	be used for encryption.
62
63	"""
64	mode_ = Mode(mode)	1✔
65	if mode_ in {	1✔
66	Mode.CBC,
67	Mode.CCM,
68	Mode.CFB,
69	Mode.CTR,
70	Mode.ECB,
71	Mode.GCM,
72	Mode.OFB,
73	}:
74	if len(key) not in {16, 24, 32}:	1✔
75	raise TLSError(	×
76	msg="key size must 16, 24, or 32 bytes, got %i" % len(key)
77	)
78	elif mode_ is Mode.XTS:	1✔
79	if len(key) not in {32, 64}:	1✔
80	raise TLSError(	×
81	msg="key size must 32, or 64 bytes, got %i" % len(key)
82	)
83	else:
84	raise TLSError(msg="unsupported mode %r" % mode_)	1✔
85	if mode_ is Mode.XTS:	1✔
86	name = ("AES-%i-%s" % (len(key) * 4, mode_.name)).encode("ascii")	1✔
87	else:
88	name = (	1✔
89	"AES-%i-%s%s"
90	% (
91	len(key) * 8,
92	mode_.name,
93	"128" if mode_ is Mode.CFB else "",
94	)
95	).encode("ascii")
96	if mode_ in {Mode.GCM, Mode.CCM}:	1✔
97	return AEADCipher(name, key, mode_, iv, ad)	1✔
98	return Cipher(name, key, mode_, iv)	1✔

Synss / python-mbedtls / 8002749462

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous