diff options
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/backend.py | 6 | ||||
| -rw-r--r-- | cryptography/hazmat/primitives/block/base.py | 56 | ||||
| -rw-r--r-- | cryptography/hazmat/primitives/ciphers/__init__.py (renamed from cryptography/hazmat/primitives/block/__init__.py) | 4 | ||||
| -rw-r--r-- | cryptography/hazmat/primitives/ciphers/algorithms.py (renamed from cryptography/hazmat/primitives/block/ciphers.py) | 42 | ||||
| -rw-r--r-- | cryptography/hazmat/primitives/ciphers/modes.py (renamed from cryptography/hazmat/primitives/block/modes.py) | 0 | ||||
| -rw-r--r-- | tests/hazmat/bindings/test_openssl.py | 8 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_3des.py | 14 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_aes.py | 14 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_block.py | 32 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_blowfish.py | 18 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_camellia.py | 18 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_cast5.py | 6 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_ciphers.py | 2 | ||||
| -rw-r--r-- | tests/hazmat/primitives/utils.py | 4 |
14 files changed, 107 insertions, 117 deletions
diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index ea1073b9..18388783 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -20,10 +20,12 @@ import cffi from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.primitives import interfaces -from cryptography.hazmat.primitives.block.ciphers import ( +from cryptography.hazmat.primitives.ciphers.algorithms import ( AES, Blowfish, Camellia, CAST5, TripleDES, ) -from cryptography.hazmat.primitives.block.modes import CBC, CTR, ECB, OFB, CFB +from cryptography.hazmat.primitives.ciphers.modes import ( + CBC, CTR, ECB, OFB, CFB +) class Backend(object): diff --git a/cryptography/hazmat/primitives/block/base.py b/cryptography/hazmat/primitives/block/base.py deleted file mode 100644 index ece3b32d..00000000 --- a/cryptography/hazmat/primitives/block/base.py +++ /dev/null @@ -1,56 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from __future__ import absolute_import, division, print_function - -from cryptography.hazmat.primitives import interfaces - - -class BlockCipher(object): - def __init__(self, cipher, mode, backend=None): - super(BlockCipher, self).__init__() - - if backend is None: - from cryptography.hazmat.bindings import ( - _default_backend as backend, - ) - - self.cipher = cipher - self.mode = mode - self._backend = backend - - def encryptor(self): - return _CipherContext( - self._backend.ciphers.create_encrypt_ctx(self.cipher, self.mode)) - - def decryptor(self): - return _CipherContext( - self._backend.ciphers.create_decrypt_ctx(self.cipher, self.mode)) - - -@interfaces.register(interfaces.CipherContext) -class _CipherContext(object): - def __init__(self, ctx): - self._ctx = ctx - - def update(self, data): - if self._ctx is None: - raise ValueError("Context was already finalized") - return self._ctx.update(data) - - def finalize(self): - if self._ctx is None: - raise ValueError("Context was already finalized") - data = self._ctx.finalize() - self._ctx = None - return data diff --git a/cryptography/hazmat/primitives/block/__init__.py b/cryptography/hazmat/primitives/ciphers/__init__.py index 5b8942b6..0e81de35 100644 --- a/cryptography/hazmat/primitives/block/__init__.py +++ b/cryptography/hazmat/primitives/ciphers/__init__.py @@ -13,9 +13,9 @@ from __future__ import absolute_import, division, print_function -from cryptography.hazmat.primitives.block.base import BlockCipher +from cryptography.hazmat.primitives.ciphers.algorithms import Cipher __all__ = [ - "BlockCipher", + "Cipher", ] diff --git a/cryptography/hazmat/primitives/block/ciphers.py b/cryptography/hazmat/primitives/ciphers/algorithms.py index 8046bd26..0b11e466 100644 --- a/cryptography/hazmat/primitives/block/ciphers.py +++ b/cryptography/hazmat/primitives/ciphers/algorithms.py @@ -13,6 +13,48 @@ from __future__ import absolute_import, division, print_function +from cryptography.hazmat.primitives import interfaces + + +class Cipher(object): + def __init__(self, cipher, mode, backend=None): + super(Cipher, self).__init__() + + if backend is None: + from cryptography.hazmat.bindings import ( + _default_backend as backend, + ) + + self.cipher = cipher + self.mode = mode + self._backend = backend + + def encryptor(self): + return _CipherContext( + self._backend.ciphers.create_encrypt_ctx(self.cipher, self.mode)) + + def decryptor(self): + return _CipherContext( + self._backend.ciphers.create_decrypt_ctx(self.cipher, self.mode)) + + +@interfaces.register(interfaces.CipherContext) +class _CipherContext(object): + def __init__(self, ctx): + self._ctx = ctx + + def update(self, data): + if self._ctx is None: + raise ValueError("Context was already finalized") + return self._ctx.update(data) + + def finalize(self): + if self._ctx is None: + raise ValueError("Context was already finalized") + data = self._ctx.finalize() + self._ctx = None + return data + class AES(object): name = "AES" diff --git a/cryptography/hazmat/primitives/block/modes.py b/cryptography/hazmat/primitives/ciphers/modes.py index a60e8a34..a60e8a34 100644 --- a/cryptography/hazmat/primitives/block/modes.py +++ b/cryptography/hazmat/primitives/ciphers/modes.py diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index f283a7dd..f1493e8d 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -15,9 +15,9 @@ import pytest from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.bindings.openssl.backend import backend, Backend -from cryptography.hazmat.primitives.block import BlockCipher -from cryptography.hazmat.primitives.block.ciphers import AES -from cryptography.hazmat.primitives.block.modes import CBC +from cryptography.hazmat.primitives.ciphers import Cipher +from cryptography.hazmat.primitives.ciphers.algorithms import AES +from cryptography.hazmat.primitives.ciphers.modes import CBC class FakeMode(object): @@ -62,7 +62,7 @@ class TestOpenSSL(object): FakeMode, lambda backend, cipher, mode: backend.ffi.NULL ) - cipher = BlockCipher( + cipher = Cipher( FakeCipher(), FakeMode(), backend=b, ) with pytest.raises(UnsupportedAlgorithm): diff --git a/tests/hazmat/primitives/test_3des.py b/tests/hazmat/primitives/test_3des.py index 6b3e0414..af6bdc04 100644 --- a/tests/hazmat/primitives/test_3des.py +++ b/tests/hazmat/primitives/test_3des.py @@ -20,7 +20,7 @@ from __future__ import absolute_import, division, print_function import binascii import os -from cryptography.hazmat.primitives.block import ciphers, modes +from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test from ...utils import load_nist_vectors_from_file @@ -37,7 +37,7 @@ class TestTripleDES_CBC(object): "TCBCvarkey.rsp", "TCBCvartext.rsp", ], - lambda keys, iv: ciphers.TripleDES(binascii.unhexlify(keys)), + lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)), lambda keys, iv: modes.CBC(binascii.unhexlify(iv)), ) @@ -50,7 +50,7 @@ class TestTripleDES_CBC(object): "TCBCMMT3.rsp", ], lambda key1, key2, key3, iv: ( - ciphers.TripleDES(binascii.unhexlify(key1 + key2 + key3)) + algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3)) ), lambda key1, key2, key3, iv: modes.CBC(binascii.unhexlify(iv)), ) @@ -67,7 +67,7 @@ class TestTripleDES_OFB(object): "TOFBvartext.rsp", "TOFBinvperm.rsp", ], - lambda keys, iv: ciphers.TripleDES(binascii.unhexlify(keys)), + lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)), lambda keys, iv: modes.OFB(binascii.unhexlify(iv)), ) @@ -80,7 +80,7 @@ class TestTripleDES_OFB(object): "TOFBMMT3.rsp", ], lambda key1, key2, key3, iv: ( - ciphers.TripleDES(binascii.unhexlify(key1 + key2 + key3)) + algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3)) ), lambda key1, key2, key3, iv: modes.OFB(binascii.unhexlify(iv)), ) @@ -97,7 +97,7 @@ class TestTripleDES_CFB(object): "TCFB64varkey.rsp", "TCFB64vartext.rsp", ], - lambda keys, iv: ciphers.TripleDES(binascii.unhexlify(keys)), + lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)), lambda keys, iv: modes.CFB(binascii.unhexlify(iv)), ) @@ -110,7 +110,7 @@ class TestTripleDES_CFB(object): "TCFB64MMT3.rsp", ], lambda key1, key2, key3, iv: ( - ciphers.TripleDES(binascii.unhexlify(key1 + key2 + key3)) + algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3)) ), lambda key1, key2, key3, iv: modes.CFB(binascii.unhexlify(iv)), ) diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index 192da648..66471fac 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -16,7 +16,7 @@ from __future__ import absolute_import, division, print_function import binascii import os -from cryptography.hazmat.primitives.block import ciphers, modes +from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test from ...utils import ( @@ -45,7 +45,7 @@ class TestAES(object): "CBCMMT192.rsp", "CBCMMT256.rsp", ], - lambda key, iv: ciphers.AES(binascii.unhexlify(key)), + lambda key, iv: algorithms.AES(binascii.unhexlify(key)), lambda key, iv: modes.CBC(binascii.unhexlify(iv)), ) @@ -69,7 +69,7 @@ class TestAES(object): "ECBMMT192.rsp", "ECBMMT256.rsp", ], - lambda key: ciphers.AES(binascii.unhexlify(key)), + lambda key: algorithms.AES(binascii.unhexlify(key)), lambda key: modes.ECB(), ) @@ -93,7 +93,7 @@ class TestAES(object): "OFBMMT192.rsp", "OFBMMT256.rsp", ], - lambda key, iv: ciphers.AES(binascii.unhexlify(key)), + lambda key, iv: algorithms.AES(binascii.unhexlify(key)), lambda key, iv: modes.OFB(binascii.unhexlify(iv)), ) @@ -117,7 +117,7 @@ class TestAES(object): "CFB128MMT192.rsp", "CFB128MMT256.rsp", ], - lambda key, iv: ciphers.AES(binascii.unhexlify(key)), + lambda key, iv: algorithms.AES(binascii.unhexlify(key)), lambda key, iv: modes.CFB(binascii.unhexlify(iv)), ) @@ -125,10 +125,10 @@ class TestAES(object): load_openssl_vectors_from_file, os.path.join("ciphers", "AES", "CTR"), ["aes-128-ctr.txt", "aes-192-ctr.txt", "aes-256-ctr.txt"], - lambda key, iv: ciphers.AES(binascii.unhexlify(key)), + lambda key, iv: algorithms.AES(binascii.unhexlify(key)), lambda key, iv: modes.CTR(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.AES("\x00" * 16), modes.CTR("\x00" * 16) + algorithms.AES("\x00" * 16), modes.CTR("\x00" * 16) ), skip_message="Does not support AES CTR", ) diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py index dd9c54c9..28f34478 100644 --- a/tests/hazmat/primitives/test_block.py +++ b/tests/hazmat/primitives/test_block.py @@ -19,35 +19,37 @@ import pytest from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.primitives import interfaces -from cryptography.hazmat.primitives.block import BlockCipher, ciphers, modes +from cryptography.hazmat.primitives.ciphers import ( + Cipher, algorithms, modes +) -class TestBlockCipher(object): +class TestCipher(object): def test_instantiate_without_backend(self): - BlockCipher( - ciphers.AES(binascii.unhexlify(b"0" * 32)), + Cipher( + algorithms.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)) ) def test_creates_encryptor(self): - cipher = BlockCipher( - ciphers.AES(binascii.unhexlify(b"0" * 32)), + cipher = Cipher( + algorithms.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)) ) assert isinstance(cipher.encryptor(), interfaces.CipherContext) def test_creates_decryptor(self): - cipher = BlockCipher( - ciphers.AES(binascii.unhexlify(b"0" * 32)), + cipher = Cipher( + algorithms.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)) ) assert isinstance(cipher.decryptor(), interfaces.CipherContext) -class TestBlockCipherContext(object): +class TestCipherContext(object): def test_use_after_finalize(self, backend): - cipher = BlockCipher( - ciphers.AES(binascii.unhexlify(b"0" * 32)), + cipher = Cipher( + algorithms.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)), backend ) @@ -67,8 +69,8 @@ class TestBlockCipherContext(object): decryptor.finalize() def test_unaligned_block_encryption(self, backend): - cipher = BlockCipher( - ciphers.AES(binascii.unhexlify(b"0" * 32)), + cipher = Cipher( + algorithms.AES(binascii.unhexlify(b"0" * 32)), modes.ECB(), backend ) @@ -86,8 +88,8 @@ class TestBlockCipherContext(object): assert pt == b"a" * 80 decryptor.finalize() - def test_nonexistant_cipher(self, backend): - cipher = BlockCipher( + def test_nonexistent_cipher(self, backend): + cipher = Cipher( object(), object(), backend ) with pytest.raises(UnsupportedAlgorithm): diff --git a/tests/hazmat/primitives/test_blowfish.py b/tests/hazmat/primitives/test_blowfish.py index cd5e03a4..a7f13823 100644 --- a/tests/hazmat/primitives/test_blowfish.py +++ b/tests/hazmat/primitives/test_blowfish.py @@ -16,7 +16,7 @@ from __future__ import absolute_import, division, print_function import binascii import os -from cryptography.hazmat.primitives.block import ciphers, modes +from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test from ...utils import load_nist_vectors_from_file @@ -27,10 +27,10 @@ class TestBlowfish(object): lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), os.path.join("ciphers", "Blowfish"), ["bf-ecb.txt"], - lambda key: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key: algorithms.Blowfish(binascii.unhexlify(key)), lambda key: modes.ECB(), only_if=lambda backend: backend.ciphers.supported( - ciphers.Blowfish("\x00" * 56), modes.ECB() + algorithms.Blowfish("\x00" * 56), modes.ECB() ), skip_message="Does not support Blowfish ECB", ) @@ -39,10 +39,10 @@ class TestBlowfish(object): lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), os.path.join("ciphers", "Blowfish"), ["bf-cbc.txt"], - lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)), lambda key, iv: modes.CBC(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Blowfish("\x00" * 56), modes.CBC("\x00" * 8) + algorithms.Blowfish("\x00" * 56), modes.CBC("\x00" * 8) ), skip_message="Does not support Blowfish CBC", ) @@ -51,10 +51,10 @@ class TestBlowfish(object): lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), os.path.join("ciphers", "Blowfish"), ["bf-ofb.txt"], - lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)), lambda key, iv: modes.OFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Blowfish("\x00" * 56), modes.OFB("\x00" * 8) + algorithms.Blowfish("\x00" * 56), modes.OFB("\x00" * 8) ), skip_message="Does not support Blowfish OFB", ) @@ -63,10 +63,10 @@ class TestBlowfish(object): lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), os.path.join("ciphers", "Blowfish"), ["bf-cfb.txt"], - lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)), lambda key, iv: modes.CFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Blowfish("\x00" * 56), modes.CFB("\x00" * 8) + algorithms.Blowfish("\x00" * 56), modes.CFB("\x00" * 8) ), skip_message="Does not support Blowfish CFB", ) diff --git a/tests/hazmat/primitives/test_camellia.py b/tests/hazmat/primitives/test_camellia.py index 605c18d5..e1be5d1d 100644 --- a/tests/hazmat/primitives/test_camellia.py +++ b/tests/hazmat/primitives/test_camellia.py @@ -16,7 +16,7 @@ from __future__ import absolute_import, division, print_function import binascii import os -from cryptography.hazmat.primitives.block import ciphers, modes +from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test from ...utils import ( @@ -33,10 +33,10 @@ class TestCamellia(object): "camellia-192-ecb.txt", "camellia-256-ecb.txt" ], - lambda key: ciphers.Camellia(binascii.unhexlify((key))), + lambda key: algorithms.Camellia(binascii.unhexlify((key))), lambda key: modes.ECB(), only_if=lambda backend: backend.ciphers.supported( - ciphers.Camellia("\x00" * 16), modes.ECB() + algorithms.Camellia("\x00" * 16), modes.ECB() ), skip_message="Does not support Camellia ECB", ) @@ -45,10 +45,10 @@ class TestCamellia(object): load_openssl_vectors_from_file, os.path.join("ciphers", "Camellia"), ["camellia-cbc.txt"], - lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)), + lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)), lambda key, iv: modes.CBC(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Camellia("\x00" * 16), modes.CBC("\x00" * 16) + algorithms.Camellia("\x00" * 16), modes.CBC("\x00" * 16) ), skip_message="Does not support Camellia CBC", ) @@ -57,10 +57,10 @@ class TestCamellia(object): load_openssl_vectors_from_file, os.path.join("ciphers", "Camellia"), ["camellia-ofb.txt"], - lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)), + lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)), lambda key, iv: modes.OFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Camellia("\x00" * 16), modes.OFB("\x00" * 16) + algorithms.Camellia("\x00" * 16), modes.OFB("\x00" * 16) ), skip_message="Does not support Camellia OFB", ) @@ -69,10 +69,10 @@ class TestCamellia(object): load_openssl_vectors_from_file, os.path.join("ciphers", "Camellia"), ["camellia-cfb.txt"], - lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)), + lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)), lambda key, iv: modes.CFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Camellia("\x00" * 16), modes.CFB("\x00" * 16) + algorithms.Camellia("\x00" * 16), modes.CFB("\x00" * 16) ), skip_message="Does not support Camellia CFB", ) diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py index bd861150..b2988437 100644 --- a/tests/hazmat/primitives/test_cast5.py +++ b/tests/hazmat/primitives/test_cast5.py @@ -16,7 +16,7 @@ from __future__ import absolute_import, division, print_function import binascii import os -from cryptography.hazmat.primitives.block import ciphers, modes +from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test from ...utils import load_nist_vectors_from_file @@ -29,10 +29,10 @@ class TestCAST5(object): [ "cast5-ecb.txt", ], - lambda key: ciphers.CAST5(binascii.unhexlify((key))), + lambda key: algorithms.CAST5(binascii.unhexlify((key))), lambda key: modes.ECB(), only_if=lambda backend: backend.ciphers.supported( - ciphers.CAST5("\x00" * 16), modes.ECB() + algorithms.CAST5("\x00" * 16), modes.ECB() ), skip_message="Does not support CAST5 ECB", ) diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py index d3870a0b..dfafab3f 100644 --- a/tests/hazmat/primitives/test_ciphers.py +++ b/tests/hazmat/primitives/test_ciphers.py @@ -17,7 +17,7 @@ import binascii import pytest -from cryptography.hazmat.primitives.block.ciphers import ( +from cryptography.hazmat.primitives.ciphers.algorithms import ( AES, Camellia, TripleDES, Blowfish, CAST5 ) diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index b4a8a3e6..e6e97d1d 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -6,7 +6,7 @@ import pytest from cryptography.hazmat.bindings import _ALL_BACKENDS from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives import hmac -from cryptography.hazmat.primitives.block import BlockCipher +from cryptography.hazmat.primitives.ciphers import Cipher def generate_encrypt_test(param_loader, path, file_names, cipher_factory, @@ -34,7 +34,7 @@ def encrypt_test(backend, cipher_factory, mode_factory, params, only_if, pytest.skip(skip_message) plaintext = params.pop("plaintext") ciphertext = params.pop("ciphertext") - cipher = BlockCipher( + cipher = Cipher( cipher_factory(**params), mode_factory(**params), backend |