mautrix.crypto.attachments

async mautrix.crypto.attachments.async_encrypt_attachment(data)

Async generator to encrypt data in order to send it as an encrypted attachment.

This function lazily encrypts and yields data, thus it can be used to encrypt large files without fully loading them into memory if an iterable or async iterable of bytes is passed as data.

Parameters

data (Union[bytes, Iterable[bytes], AsyncIterable[bytes], io.BufferedIOBase]) – The data to encrypt. Passing an async iterable allows the file data to be read in an asynchronous and lazy (without reading the entire file into memory) way. Passing a non-async iterable or standard open binary file object will still allow the data to be read lazily, but not asynchronously.

Yields

The encrypted bytes for each chunk of data. The last yielded value will be a dict containing the info needed to decrypt data. The keys are: | key: AES-CTR JWK key object. | iv: Base64 encoded 16 byte AES-CTR IV. | hashes.sha256: Base64 encoded SHA-256 hash of the ciphertext.

Return type

AsyncGenerator[bytes | mautrix.types.EncryptedFile, None]

async mautrix.crypto.attachments.async_generator_from_data(data, chunk_size=4096)
Parameters
Return type

AsyncGenerator[bytes, None]

async mautrix.crypto.attachments.async_inplace_encrypt_attachment(data)
Parameters

data (bytearray) –

Return type

mautrix.types.EncryptedFile

mautrix.crypto.attachments.decrypt_attachment(ciphertext, key, hash, iv)

Decrypt an encrypted attachment.

Parameters
  • ciphertext (bytes) – The data to decrypt.

  • key (str) – AES_CTR JWK key object.

  • hash (str) – Base64 encoded SHA-256 hash of the ciphertext.

  • iv (str) – Base64 encoded 16 byte AES-CTR IV.

Returns

The plaintext bytes.

Raises

EncryptionError – if the integrity check fails.

Return type

bytes

mautrix.crypto.attachments.encrypt_attachment(plaintext)

Encrypt data in order to send it as an encrypted attachment.

Parameters

plaintext (bytes) – The data to encrypt.

Returns

A tuple with the encrypted bytes and a dict containing the info needed to decrypt data. See encrypted_attachment_generator() for the keys.

Return type

tuple[bytes, mautrix.types.EncryptedFile]

mautrix.crypto.attachments.encrypted_attachment_generator(data)

Generator to encrypt data in order to send it as an encrypted attachment.

Unlike encrypt_attachment(), this function lazily encrypts and yields data, thus it can be used to encrypt large files without fully loading them into memory if an iterable of bytes is passed as data.

Parameters

data (Union[bytes, Iterable[bytes]]) – The data to encrypt.

Yields

The encrypted bytes for each chunk of data. The last yielded value will be a dict containing the info needed to decrypt data.

Return type

Generator[bytes | mautrix.types.EncryptedFile, None, None]

mautrix.crypto.attachments.inplace_encrypt_attachment(data)
Parameters

data (bytearray) –

Return type

mautrix.types.EncryptedFile