diff options
| -rwxr-xr-x | python/genkat_aead.py | 72 | ||||
| -rw-r--r-- | python/lilliput.py | 18 | ||||
| -rw-r--r-- | python/lilliput_ae_1.py | 3 |
3 files changed, 76 insertions, 17 deletions
diff --git a/python/genkat_aead.py b/python/genkat_aead.py new file mode 100755 index 0000000..5a50e03 --- /dev/null +++ b/python/genkat_aead.py @@ -0,0 +1,72 @@ +#!/usr/bin/env python3 + +import lilliput + + +MAX_MESSAGE_LENGTH = 32 +MAX_ADATA_LENGTH = 32 + +CRYPTO_NPUBBYTES = 120//8 + + +def bstr(buf): + return ''.join('{:02X}'.format(b) for b in buf) + + +def print_bstr(output, label, buf): + print('{l} = {b}'.format(l=label, b=bstr(buf)), file=output) + + +class DecryptionError(Exception): + def __init__(self, expected, actual, mode, keylen): + self.expected = expected + self.actual = actual + self.mode = mode + self.keylen = keylen + + def __str__(self): + return '({s.mode} / {s.keylen}) Expected {exp}; got {act}'.format( + s=self, + exp=bstr(self.expected), + act=bstr(self.actual) + ) + + +def generate_test_vectors(mode, keylen): + + print('generating for', mode, keylen) + + output_path = 'LWC_AEAD_KAT_{mode}_{keylen}'.format(mode=mode, keylen=keylen) + with open(output_path, 'w') as output: + + count = 1 + for mlen in range(MAX_MESSAGE_LENGTH+1): + for adlen in range(MAX_ADATA_LENGTH+1): + print('Count = {c}'.format(c=count), file=output) + + msg = bytes(range(mlen)) + ad = bytes(range(adlen)) + + print_bstr(output, 'Key', bytes(range(keylen//8))) + print_bstr(output, 'Nonce', bytes(range(CRYPTO_NPUBBYTES))) + print_bstr(output, 'PT', msg) + print_bstr(output, 'AD', ad) + + ct, tag = lilliput.mainEnc(msg, ad, mode, keylen) + + print_bstr(output, 'CT', ct+tag) + + msg2 = lilliput.mainDec(ct, tag, ad, mode, keylen) + + if msg != msg2: + raise DecryptionError(msg, msg2, mode, keylen) + + count+=1 + + print(file=output) + + +if __name__ == '__main__': + for mode in 1, 2: + for keylen in 128, 192, 256: + generate_test_vectors(mode, keylen) diff --git a/python/lilliput.py b/python/lilliput.py index 6a2aae4..c2e1a69 100644 --- a/python/lilliput.py +++ b/python/lilliput.py @@ -57,8 +57,8 @@ def mainEnc(plaintext, adata, mode=1, length=128): (key_bits, tweak_bits, rounds) = GetParameters(mode, length) - A = adata.encode() - M = plaintext.encode() + A = adata + M = plaintext N = [0 for byte in range(0, N_BYTES)] key = [byte for byte in range(0, int(key_bits/8))] @@ -72,12 +72,6 @@ def mainEnc(plaintext, adata, mode=1, length=128): (C, tag) = lilliput_ae_1.OCB3Enc(A, M, N, A_BITS, M_BITS, key, key_bits, tweak_bits, rounds) if(mode == 2) : (C, tag) = lilliput_ae_2.SCT2Enc(A, M, N, A_BITS, M_BITS, key, key_bits, tweak_bits, rounds) - for block in range(0,len(C)) : - for byte in C[block] : - print("%02x "%(byte), end="") - for byte in tag : - print("%02x "%(byte), end="") - print() return BlockbytesMatrixToBytes(C), bytes(tag) @@ -86,7 +80,7 @@ def mainDec(ciphertext, tag, adata, mode=1, length=128): (key_bits, tweak_bits, rounds) = GetParameters(mode, length) - A = adata.encode() + A = adata C = ciphertext N = [0 for byte in range(0, N_BYTES)] key = [byte for byte in range(0, int(key_bits/8))] @@ -102,9 +96,5 @@ def mainDec(ciphertext, tag, adata, mode=1, length=128): M = lilliput_ae_1.OCB3Dec(A, C, N, tag, A_BITS, M_BITS, key, key_bits, tweak_bits, rounds) if(mode == 2) : M = lilliput_ae_2.SCT2Dec(A, C, N, tag, A_BITS, M_BITS, key, key_bits, tweak_bits, rounds) - for block in range(0,len(M)) : - for byte in M[block] : - print("%02x "%(byte), end="") - print() - return BlockbytesMatrixToBytes(M).decode() + return BlockbytesMatrixToBytes(M) diff --git a/python/lilliput_ae_1.py b/python/lilliput_ae_1.py index 4884518..6d060bb 100644 --- a/python/lilliput_ae_1.py +++ b/python/lilliput_ae_1.py @@ -277,8 +277,5 @@ def OCB3Dec(A, C, N, tag, associated_data_length_bit, message_length_bit, key, k (Final, M) = TreatMessageDec(C, N, key) tag2 = XorState(Auth, Final) - print(M) - print(tag2) - if(tag == tag2) : return M |