我们从Python开源项目中,提取了以下18个代码示例,用于说明如何使用cryptography.hazmat.primitives.ciphers.modes.ModeWithNonce()。
def __init__(self, backend, cipher, mode, operation): self._backend = backend self._cipher = cipher self._mode = mode self._operation = operation # There is a bug in CommonCrypto where block ciphers do not raise # kCCAlignmentError when finalizing if you supply non-block aligned # data. To work around this we need to keep track of the block # alignment ourselves, but only for alg+mode combos that require # block alignment. OFB, CFB, and CTR make a block cipher algorithm # into a stream cipher so we don't need to track them (and thus their # block size is effectively 1 byte just like OpenSSL/CommonCrypto # treat RC4 and other stream cipher block sizes). # This bug has been filed as rdar://15589470 self._bytes_processed = 0 if (isinstance(cipher, ciphers.BlockCipherAlgorithm) and not isinstance(mode, (OFB, CFB, CFB8, CTR))): self._byte_block_size = cipher.block_size // 8 else: self._byte_block_size = 1 registry = self._backend._cipher_registry try: cipher_enum, mode_enum = registry[type(cipher), type(mode)] except KeyError: raise UnsupportedAlgorithm( "cipher {0} in {1} mode is not supported " "by this backend.".format( cipher.name, mode.name if mode else mode), _Reasons.UNSUPPORTED_CIPHER ) ctx = self._backend._ffi.new("CCCryptorRef *") ctx = self._backend._ffi.gc(ctx, self._backend._release_cipher_ctx) if isinstance(mode, modes.ModeWithInitializationVector): iv_nonce = mode.initialization_vector elif isinstance(mode, modes.ModeWithNonce): iv_nonce = mode.nonce else: iv_nonce = self._backend._ffi.NULL if isinstance(mode, CTR): mode_option = self._backend._lib.kCCModeOptionCTR_BE else: mode_option = 0 res = self._backend._lib.CCCryptorCreateWithMode( operation, mode_enum, cipher_enum, self._backend._lib.ccNoPadding, iv_nonce, cipher.key, len(cipher.key), self._backend._ffi.NULL, 0, 0, mode_option, ctx) self._backend._check_cipher_response(res) self._ctx = ctx
def __init__(self, backend, cipher, mode, operation): self._backend = backend # TODO: softhsm only supports AES/3DES with ECB/CBC if not backend.cipher_supported(cipher, mode): raise UnsupportedAlgorithm( "cipher {0} in {1} mode is not supported " "by this backend.".format( cipher.name, mode.name if mode else mode), _Reasons.UNSUPPORTED_CIPHER ) if isinstance(cipher, KeyHandle): self._key_handle = cipher.key else: self._key_handle = key_handle_from_bytes(cipher.key, backend) self._cipher = cipher self._mode = mode self._operation = operation self._buffer = b"" if isinstance(self._cipher, ciphers.BlockCipherAlgorithm): self._block_size = self._cipher.block_size // 8 else: self._block_size = 1 if isinstance(mode, modes.ModeWithInitializationVector): iv_nonce = self._backend._ffi.new( "CK_BYTE[]", mode.initialization_vector ) iv_nonce_len = len(mode.initialization_vector) elif isinstance(mode, modes.ModeWithNonce): iv_nonce = self._backend._ffi.new("CK_BYTE[]", mode.nonce) iv_nonce_len = len(mode.nonce) else: iv_nonce = self._backend._ffi.NULL iv_nonce_len = 0 mech = self._backend._ffi.new("CK_MECHANISM *") mech.mechanism = self._get_mechanism(cipher, mode) mech.parameter = iv_nonce mech.parameter_len = iv_nonce_len self._session = self._backend._session_pool.acquire_and_init( backend, self._operation["init"], mech, self._key_handle._handle )
