diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2013-11-24 10:20:50 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2013-11-29 17:19:45 -0600 |
| commit | 2631c2b7be22f15f83810df1b8664bf388ad02a6 (patch) | |
| tree | 7129851dfbc9735fadf996cb6dcc8e372d1ead33 | |
| parent | a4bfc08b8d2ed312eeb1b0558ac20f285feb8cc2 (diff) | |
| download | cryptography-2631c2b7be22f15f83810df1b8664bf388ad02a6.tar.gz cryptography-2631c2b7be22f15f83810df1b8664bf388ad02a6.tar.bz2 cryptography-2631c2b7be22f15f83810df1b8664bf388ad02a6.zip | |
gcm doc fixes (per review from alex)
| -rw-r--r-- | docs/hazmat/primitives/symmetric-encryption.rst | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index 4e7990b0..3ed8c9e2 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -323,7 +323,8 @@ Modes is an AEAD (authenticated encryption with additional data) mode. AEAD is a type of block cipher mode that encrypts the message as well as authenticating it (and optionally additional data that is not encrypted) - simultaneously. + simultaneously. Additional means of verifying integrity (like + :doc:`HMAC </hazmat/primitives/hmac>`) are not necessary. :param bytes initialization_vector: Must be random bytes. They do not need to be kept secret (they can be included @@ -338,12 +339,12 @@ Modes >>> from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes >>> cipher = Cipher(algorithms.AES(key), modes.GCM(iv)) >>> encryptor = cipher.encryptor() - >>> encryptor.add_data(b"authenticated but encrypted payload") + >>> encryptor.add_data(b"authenticated but not encrypted payload") >>> ct = encryptor.update(b"a secret message") + encryptor.finalize() >>> tag = encryptor.tag >>> cipher = Cipher(algorithms.AES(key), modes.GCM(iv, tag)) >>> decryptor = cipher.decryptor() - >>> decryptor.add_data(b"authenticated but encrypted payload") + >>> decryptor.add_data(b"authenticated but not encrypted payload") >>> decryptor.update(ct) + decryptor.finalize() 'a secret message' |