| # Copyright 2019 Google LLC. |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| from "tink/python/util/clif.h" import * # StatusOr |
| |
| from "tink/cc/aead.h": |
| namespace `crypto::tink`: |
| # The interface for authenticated encryption with associated data. |
| # Implementations of this interface are secure against adaptive |
| # chosen ciphertext attacks. Encryption with associated data ensures |
| # authenticity and integrity of that data, but not its secrecy. |
| # (see RFC 5116, https://tools.ietf.org/html/rfc5116) |
| class Aead: |
| # Encrypts 'plaintext' with 'associated_data' as associated data, |
| # and returns the resulting ciphertext. |
| # The ciphertext allows for checking authenticity and integrity |
| # of the associated data , but does not guarantee its secrecy. |
| def `Encrypt` as encrypt(self, plaintext: bytes, associated_data: bytes) |
| -> StatusOr<bytes> |
| # Decrypts 'ciphertext' with 'associated_data' as associated data, |
| # and returns the resulting plaintext. |
| # The decryption verifies the authenticity and integrity |
| # of the associated data, but there are no guarantees wrt. secrecy |
| # of that data. |
| def `Decrypt` as decrypt(self, ciphertext: bytes, associated_data: bytes) |
| -> StatusOr<bytes> |