:py:mod:`pylibressl.cipher`
===========================

.. py:module:: pylibressl.cipher

.. autoapi-nested-parse::

   Symmetric ciphers

   Includes both authenticated and not authenticated modes and onion ciphering.

   Non-authenticated example:

   >>> from pylibressl.cipher import GOST89_CTR
   >>> key, iv = b'1'*GOST89_CTR.key_length(), b'2'*GOST89_CTR.iv_length()
   >>> data = b'Some data to be encoded'
   >>> encoded_data = GOST89_CTR(key, iv).encrypt(data)

   Authenticated example:

   >>> from pylibresl.cipher import GOST89_HMAC_Streebog512
   >>>
   >>> data = b'Attack at dawn'
   >>> key = b'ñ' * GOST89_HMAC_Streebog512.CIPHER_TYPE.key_length()
   >>> iv = b':' * GOST89_HMAC_Streebog512.CIPHER_TYPE.iv_length()
   >>> ciphertext, auth_code = GOST89_HMAC_Streebog512(key, iv).encrypt(data)
   >>>
   >>> # Decryption:
   >>> decrypted = GOST89_HMAC_Streebog512(key, iv).decrypt(ciphertext, auth_code)
   >>> assert decrypted == data

   AEAD (AES-GCM) example:

   >>> from pylibressl.cipher import AES256_GCM
   >>>
   >>> data = b'PIN code is 1234'
   >>> key = b'1' * AES256_GCM.key_length()
   >>> iv = b'2' * AES256_GCM.iv_length()
   >>> aad = b'Credit card data for John Doe'   # additional authenticated data
   >>> ciphertext, tag = AES256_GCM(key, iv).encrypt(data, aad=aad)
   >>>
   >>> # Decryption:
   >>> decrypted = AES256_GCM(key, iv).decrypt(data, tag, aad=aad)
   >>> assert data == decrypted

   Onion ciphering:

   >>> from pylibressl.cipher import Onion_AES256_GOST89, AES256_GCM, GOST89_CTR
   >>>
   >>> key1 = b'ð' * AES256_GCM.key_length()
   >>> iv1 = b'ñ' * AES256_GCM.iv_length()
   >>> key2 = b'ò' * GOST89_CTR.key_length()
   >>> iv2 = b'ó' * GOST89_CTR.iv_length()
   >>> key_list = [(key1, iv1), (key2, iv2)]
   >>>
   >>> data = b'Attack at dawn.'
   >>>
   >>> ciphertext, auth_codes = Onion_AES256_GOST89(key_list).encrypt(data)
   >>> decrypted = Onion_AES256_GOST89(key_list).decrypt(data, auth_codes)
   >>> assert data == decrypted



Submodules
----------
.. toctree::
   :titlesonly:
   :maxdepth: 1

   auth/index.rst
   cipher/index.rst
   noauth/index.rst
   onion/index.rst


Package Contents
----------------

Classes
~~~~~~~

.. autoapisummary::

   pylibressl.cipher.AES256_GCM
   pylibressl.cipher.CipherHMAC
   pylibressl.cipher.AES256_CBC
   pylibressl.cipher.AES256_CTR
   pylibressl.cipher.GOST89_CTR
   pylibressl.cipher.OnionCipher




Attributes
~~~~~~~~~~

.. autoapisummary::

   pylibressl.cipher.MODE_CTR
   pylibressl.cipher.MODE_GCM
   pylibressl.cipher.MODE_CBC
   pylibressl.cipher.BLOCK_MODES
   pylibressl.cipher.AES256_HMAC_SHA512
   pylibressl.cipher.GOST89_HMAC_Streebog512
   pylibressl.cipher.Onion_AES256_GOST89
   pylibressl.cipher.AES256


.. py:data:: MODE_CTR
   :annotation: = 1

   

.. py:data:: MODE_GCM
   :annotation: = 2

   

.. py:data:: MODE_CBC
   :annotation: = 3

   

.. py:data:: BLOCK_MODES
   

   

.. py:class:: AES256_GCM(key, iv)

   Bases: :py:obj:`BaseCipherGCM`

   AES 256-bit cipher in GCM (Galois counter) mode.

   .. py:attribute:: _CIPHER_ID
      

      

   .. py:attribute:: _MODE
      

      


.. py:class:: CipherHMAC(key, iv)

   Bases: :py:obj:`BaseCipherAuth`

   Ready to use cipher+HMAC combination.

   .. py:method:: new(cls, cipher_type, hash_type, name='NewCipherHMAC')
      :classmethod:

      Create new cipher+HMAC type.


   .. py:method:: encrypt(self, data)

      Encrypt a message.

      :param data: data to encrypt as a byte string
      :return: encrypted message and authencity code as byte strings



   .. py:method:: decrypt(self, data, auth_code)

      Encrypt a message.

      :param data: data to encrypt as a byte string
      :param auth_code: authencity code as byte strings
      :return: decrypted message




.. py:data:: AES256_HMAC_SHA512
   

   

.. py:data:: GOST89_HMAC_Streebog512
   

   

.. py:class:: AES256_CBC(key, iv)

   Bases: :py:obj:`BaseCipherNoauth`

   AES 256-bit cipher in CBC (cipher block chaining) mode.

   .. py:attribute:: _CIPHER_ID
      

      

   .. py:attribute:: _MODE
      

      


.. py:class:: AES256_CTR(key, iv)

   Bases: :py:obj:`BaseCipherNoauth`

   AES 256-bit cipher in CTR (counter) mode.

   .. py:attribute:: _CIPHER_ID
      

      

   .. py:attribute:: _MODE
      

      


.. py:class:: GOST89_CTR(key, iv)

   Bases: :py:obj:`BaseCipherNoauth`

   GOST R 28147-89 256-bit cipher in CTR (counter) mode.

   .. py:attribute:: _CIPHER_ID
      

      

   .. py:attribute:: _MODE
      

      


.. py:class:: OnionCipher(key_list)

   Bases: :py:obj:`object`

   Onion ciphering.

   .. py:method:: new(cls, cipher_list_, name='NewOnionCipher')
      :classmethod:

      Create new onion cipher chain.

      Ciphers are set in encryption order.



   .. py:method:: encrypt(self, data)

      Encrypt a message.


   .. py:method:: decrypt(self, data, auth_codes)

      Decrypt a message.



.. py:data:: Onion_AES256_GOST89
   

   

.. py:data:: AES256