switch to GCM for standards compliance (argh!)

format.md

@@ -37,7 +37,7 @@ The distribution archive is encrypted with the distribution key.
 ## distribution key
 
 The distribution key is the AES<256> key, with which the distribution archive
-is encrypted using EAX<AES>. DIST.KEY contains the distribution key encrypted
+is encrypted using GCM<AES>. DIST.KEY contains the distribution key encrypted
 with the provisioning key using RSA-OAEP.
 
 ## distribution signature

utils/encrypt_distribution_archive.py

@@ -1,13 +1,25 @@
 #!/usr/bin/env python3
 
-from Crypto.Cipher import AES
-from Crypto.Random import get_random_bytes
+import argparse
 
-data = b'secret data'
+from cryptography.hazmat.primitives.ciphers.aead import AESGCM
+from cryptography.hazmat.primitives import serialization
 
-key = get_random_bytes(16)
-cipher = AES.new(key, AES.MODE_EAX)
-ciphertext, tag = cipher.encrypt_and_digest(data)
+parser = argparse.ArgumentParser(description='encrypt distribution archive'
+        ' using provisioning key to encrypt and deployment key to sign')
+
+parser.add_argument('--deployment-key', default='deployment_key.der',
+        help='file with private key part of deployment key in DER format')
+
+parser.add_argument('--provisioning-key', default='provisioning_key-pub.der',
+        help='file with public key part of provisioning key in DER format')
+
+args = parser.parse_args()
+
+key = AESGCM.generate_key(bit_length=128)
+
+
+# nonce = AESGCM.generate_key(bit_length=128)
+# aesgcm = AESGCM(key)
+# ct = aesgcm.encrypt(nonce, data, aad)
 
-with open("encrypted.bin", "wb") as file_out:
-    [ file_out.write(x) for x in (cipher.nonce, tag, ciphertext) ]

utils/requirements.txt

@@ -1 +1 @@
-pycryptodome
+cryptography