xref: /aosp_15_r20/external/tink/python/tink/cc/pybind/aead.cc (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1 // Copyright 2019 Google Inc.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ///////////////////////////////////////////////////////////////////////////////
16 
17 #include "tink/cc/pybind/aead.h"
18 
19 #include <string>
20 #include <utility>
21 
22 #include "pybind11/pybind11.h"
23 #include "tink/aead.h"
24 #include "tink/util/statusor.h"
25 #include "tink/cc/pybind/tink_exception.h"
26 
27 namespace crypto {
28 namespace tink {
29 
30 using pybind11::google_tink::TinkException;
31 
PybindRegisterAead(pybind11::module * module)32 void PybindRegisterAead(pybind11::module* module) {
33   namespace py = pybind11;
34   py::module& m = *module;
35 
36   // TODO(b/146492561): Reduce the number of complicated lambdas.
37   py::class_<Aead>(
38       m, "Aead",
39       "The interface for authenticated encryption with associated data. "
40       "Implementations of this interface are secure against adaptive "
41       "chosen ciphertext attacks.  Encryption with associated data ensures "
42       "authenticity and integrity of that data, but not its secrecy. "
43       "(see RFC 5116, https://tools.ietf.org/html/rfc5116)")
44 
45       .def(
46           "encrypt",
47           [](const Aead &self, const py::bytes &plaintext,
48              const py::bytes &associated_data) -> py::bytes {
49             util::StatusOr<std::string> result = self.Encrypt(
50                 std::string(plaintext), std::string(associated_data));
51             if (!result.ok()) {
52               throw TinkException(result.status());
53             }
54             return *std::move(result);
55           },
56           py::arg("plaintext"), py::arg("associated_data"),
57           "Encrypts 'plaintext' with 'associated_data' as associated data, "
58           "and returns the resulting ciphertext. "
59           "The ciphertext allows for checking authenticity and integrity "
60           "of the associated data, but does not guarantee its secrecy.")
61       .def(
62           "decrypt",
63           [](const Aead &self, const py::bytes &ciphertext,
64              const py::bytes &associated_data) -> py::bytes {
65             // TODO(b/145925674)
66             util::StatusOr<std::string> result = self.Decrypt(
67                 std::string(ciphertext), std::string(associated_data));
68             if (!result.ok()) {
69               throw TinkException(result.status());
70             }
71             return *std::move(result);
72           },
73           py::arg("ciphertext"), py::arg("associated_data"),
74           "Decrypts 'ciphertext' with 'associated_data' as associated data, "
75           "and returns the resulting plaintext. "
76           "The decryption verifies the authenticity and integrity "
77           "of the associated data, but there are no guarantees wrt. secrecy "
78           "of that data.");
79 }
80 
81 }  // namespace tink
82 }  // namespace crypto
83