1 files changed, 57 insertions, 0 deletions

diff --git a/src/add_python/lilliput/__init__.py b/src/add_python/lilliput/__init__.py
new file mode 100644
index 0000000..870e485
--- /dev/null
+++ b/src/add_python/lilliput/__init__.py
@@ -0,0 +1,57 @@
+# Implementation of the Lilliput-AE tweakable block cipher.
+#
+# Authors, hereby denoted as "the implementer":
+#     Kévin Le Gouguec,
+#     Léo Reynaud
+#     2019.
+#
+# For more information, feedback or questions, refer to our website:
+# https://paclido.fr/lilliput-ae
+#
+# To the extent possible under law, the implementer has waived all copyright
+# and related or neighboring rights to the source code in this file.
+# http://creativecommons.org/publicdomain/zero/1.0/
+
+"""Lilliput-AE tweakable block cipher.
+
+This module provides the high-level functions for authenticated encryption and
+decryption.  Both functions take and return bytestring values.
+
+The "mode" argument can be either of the following integers:
+
+- 1, for the ΘCB3 nonce-respecting mode,
+- 2, for the SCT-2 nonce-misuse-resistant mode.
+"""
+
+
+from . import ae_mode_1
+from . import ae_mode_2
+from .constants import NONCE_BITS
+
+
+_AE_MODES = {
+    1: ae_mode_1,
+    2: ae_mode_2
+}
+
+
+def _check_inputs(key, mode, nonce):
+    valid_key_lengths = (128, 192, 256)
+    if len(key)*8 not in valid_key_lengths:
+        raise ValueError('invalid key size: {} not in {}'.format(len(key)*8, valid_key_lengths))
+
+    if mode not in _AE_MODES:
+        raise ValueError('invalid mode: {} not in {}'.format(mode, tuple(_AE_MODES)))
+
+    if len(nonce)*8 != NONCE_BITS:
+        raise ValueError('invalid nonce size: expecting {}, have {}'.format(NONCE_BITS, len(nonce)*8))
+
+
+def encrypt(plaintext, adata, key, nonce, mode):
+    _check_inputs(key, mode, nonce)
+    return _AE_MODES[mode].encrypt(adata, plaintext, nonce, key)
+
+
+def decrypt(ciphertext, tag, adata, key, nonce, mode):
+    _check_inputs(key, mode, nonce)
+    return _AE_MODES[mode].decrypt(adata, ciphertext, nonce, tag, key)