Skip to content

AntonKueltz/rfc7539

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

RFC7539

PyPI Travis

About

RFC7539 is an IETF specification for an authenticated encryption algorithm that will be incorporated into TLSv1.3. It is comprised of a stream cipher (ChaCha20) and a MAC (Poly1305), both written by Daniel J. Bernstein. The C implementations for both of these primitives are taken from the NSS library (the reason being that openSSL has license incompatibilities and also requires the openSSL headers which is more overhead than we need to implement these fairly basic primitives). The NSS code has been slightly modified to account for the 96 bit nonce and 32 bit counter specified in the RFC.

Installation

Method 1

pip install rfc7539

Method 2

git clone https://github.com/AntonKueltz/rfc7539.git
cd rfc7539
python setup.py install

Basic API

aead.encrypt_and_tag

Takes a key, nonce, plaintext and additional data and returns a ciphertext and MAC.

def encrypt_and_tag(
    key: bytes,
    nonce: bytes,
    plaintext: bytes,
    aad: bytes
) -> (bytes, bytes)

aead.verify_and_decrypt

Takes a key, nonce, ciphertext, MAC and additional data and returns a plaintext.

def verify_and_decrypt(
    key: bytes,
    nonce: bytes,
    ciphertext: bytes,
    mac: bytes,
    aad: bytes
) -> bytes

Example Usage

You should use the authenticated encryption mode unless you really need to use one of the primitives by itself:

from rfc7539 import aead
from os import urandom

key = urandom(32)  # key is 32 bytes
nonce = b'thisisanonce'  # nonce is 12 bytes (DO NOT REUSE A NONCE WITH THE SAME KEY)
message = b'Some message to be encrypted'
additional_data = b'Some additional data'  # this will not be encrypted but will be verified for integrity

# encryption
ciphertext, mac = aead.encrypt_and_tag(key, nonce, message, additional_data)

# decryption (which yields plaintext == message)
plaintext = aead.verify_and_decrypt(key, nonce, ciphertext, mac, additional_data)

Note that all operations in this package work on bytes. You'll need to call e.g. encode() on strings before passing them as arguments.