python/examples/walkthrough/obtain_and_use_a_primitive.py - third_party/tink - Git at Google

 # Copyright 2022 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS-IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 """Example to showcase how to obtain and use a primitive from a keyset."""
 # [START tink_walkthrough_obtain_and_use_a_primitive]
 import tink
 from tink import aead


 def AeadEncrypt(keyset_handle: tink.KeysetHandle, plaintext: bytes,
                 associated_data: bytes) -> bytes:
   """AEAD encrypts a plaintext with the primary key in keyset_handle.

   Prerequisites for this example:
    - Register AEAD implementations of Tink.
    - Create a keyset and get a handle to it.

   Args:
     keyset_handle: Keyset handle containing at least an AEAD key.
     plaintext: Plaintext to encrypt.
     associated_data: Associated data.

   Returns:
     The resulting ciphertext

   Raises:
     tink.TinkError in case of errors.
   """
   # To facilitate key rotation, `primitive` returns an Aead primitive that
   # "wraps" multiple Aead primitives in the keyset. It uses the primary key to
   # encrypt; For the key we use in this example, the first 5 bytes of the
   # ciphertext contain the ID of the encryption key.
   aead_primitive = keyset_handle.primitive(aead.Aead)
   return aead_primitive.encrypt(plaintext, associated_data)


 def AeadDecrypt(keyset_handle: tink.KeysetHandle, ciphertext: bytes,
                 associated_data: bytes) -> bytes:
   """AEAD decrypts a ciphertext with the corresponding key in keyset_handle.

   Prerequisites for this example:
    - Register AEAD implementations of Tink.
    - Create a keyset and get a handle to it.
    - Encrypt a plaintext with an AEAD primitive in keyset_handle.

   Args:
     keyset_handle: Keyset handle containing at least an AEAD key.
     ciphertext: Tink ciphertext to decrypt.
     associated_data: Associated data.

   Returns:
     The resulting ciphertext

   Raises:
     tink.TinkError in case of errors.
   """
   # To facilitate key rotation, `primitive` returns an Aead primitive that
   # "wraps" multiple Aead primitives in the keyset. In this example, it uses the
   # key that was used to encrypt looking it up by key ID; the ID is contained in
   # the first 5 bytes of the ciphertext.
   aead_primitive = keyset_handle.primitive(aead.Aead)
   return aead_primitive.decrypt(ciphertext, associated_data)


 # [END tink_walkthrough_obtain_and_use_a_primitive]
	# Copyright 2022 Google LLC
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS-IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.
	"""Example to showcase how to obtain and use a primitive from a keyset."""
	# [START tink_walkthrough_obtain_and_use_a_primitive]
	import tink
	from tink import aead


	def AeadEncrypt(keyset_handle: tink.KeysetHandle, plaintext: bytes,
	associated_data: bytes) -> bytes:
	"""AEAD encrypts a plaintext with the primary key in keyset_handle.

	Prerequisites for this example:
	- Register AEAD implementations of Tink.
	- Create a keyset and get a handle to it.

	Args:
	keyset_handle: Keyset handle containing at least an AEAD key.
	plaintext: Plaintext to encrypt.
	associated_data: Associated data.

	Returns:
	The resulting ciphertext

	Raises:
	tink.TinkError in case of errors.
	"""
	# To facilitate key rotation, `primitive` returns an Aead primitive that
	# "wraps" multiple Aead primitives in the keyset. It uses the primary key to
	# encrypt; For the key we use in this example, the first 5 bytes of the
	# ciphertext contain the ID of the encryption key.
	aead_primitive = keyset_handle.primitive(aead.Aead)
	return aead_primitive.encrypt(plaintext, associated_data)


	def AeadDecrypt(keyset_handle: tink.KeysetHandle, ciphertext: bytes,
	associated_data: bytes) -> bytes:
	"""AEAD decrypts a ciphertext with the corresponding key in keyset_handle.

	Prerequisites for this example:
	- Register AEAD implementations of Tink.
	- Create a keyset and get a handle to it.
	- Encrypt a plaintext with an AEAD primitive in keyset_handle.

	Args:
	keyset_handle: Keyset handle containing at least an AEAD key.
	ciphertext: Tink ciphertext to decrypt.
	associated_data: Associated data.

	Returns:
	The resulting ciphertext

	Raises:
	tink.TinkError in case of errors.
	"""
	# To facilitate key rotation, `primitive` returns an Aead primitive that
	# "wraps" multiple Aead primitives in the keyset. In this example, it uses the
	# key that was used to encrypt looking it up by key ID; the ID is contained in
	# the first 5 bytes of the ciphertext.
	aead_primitive = keyset_handle.primitive(aead.Aead)
	return aead_primitive.decrypt(ciphertext, associated_data)


	# [END tink_walkthrough_obtain_and_use_a_primitive]