MCPcopy
hub / github.com/authlib/authlib / decrypt

Method decrypt

authlib/jose/rfc7518/jwe_encs.py:71–93  ·  view source on GitHub ↗

Key Decryption with AES AES_CBC_HMAC_SHA2. :param ciphertext: ciphertext in bytes :param aad: additional authenticated data in bytes :param iv: initialization vector in bytes :param tag: authentication tag in bytes :param key: encrypted key in bytes :

(self, ciphertext, aad, iv, tag, key)

Source from the content-addressed store, hash-verified

69 return ciphertext, tag
70
71 def decrypt(self, ciphertext, aad, iv, tag, key):
72 """Key Decryption with AES AES_CBC_HMAC_SHA2.
73
74 :param ciphertext: ciphertext in bytes
75 :param aad: additional authenticated data in bytes
76 :param iv: initialization vector in bytes
77 :param tag: authentication tag in bytes
78 :param key: encrypted key in bytes
79 :return: message
80 """
81 self.check_iv(iv)
82 hkey = key[: self.key_len]
83 dkey = key[self.key_len :]
84
85 _tag = self._hmac(ciphertext, aad, iv, hkey)
86 if not hmac.compare_digest(_tag, tag):
87 raise InvalidTag()
88
89 cipher = Cipher(AES(dkey), CBC(iv), backend=default_backend())
90 d = cipher.decryptor()
91 data = d.update(ciphertext) + d.finalize()
92 unpad = PKCS7(AES.block_size).unpadder()
93 return unpad.update(data) + unpad.finalize()
94
95
96class GCMEncAlgorithm(JWEEncAlgorithm):

Callers

nothing calls this directly

Calls 2

_hmacMethod · 0.95
check_ivMethod · 0.80

Tested by

no test coverage detected