From 33c615feaaf148c099ee4299ad2c8a6f7e1778cf Mon Sep 17 00:00:00 2001 From: Kévin Le Gouguec Date: Sun, 24 Mar 2019 15:19:15 +0100 Subject: [implem-python] Réécriture de certains range() dans tbc.py MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit IME, itérer sur un range() est rarement la façon la plus expressive de faire les choses ; les alternatives imposent une structure qui rendent l'intention plus claire. E.g. quand on voit une compréhension, on comprend que l'auteur cherche à filtrer et/ou transformer ce sur quoi il itère. Réutilisation de xor_state(), renommé xor() puisqu'il sert dans plusieurs situations. Séparation de ce xor() et des fonctions communes aux modes authentifiés pour éviter un import circulaire. --- src/add_python/lilliput/ae_common.py | 89 ++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 src/add_python/lilliput/ae_common.py (limited to 'src/add_python/lilliput/ae_common.py') diff --git a/src/add_python/lilliput/ae_common.py b/src/add_python/lilliput/ae_common.py new file mode 100644 index 0000000..f212353 --- /dev/null +++ b/src/add_python/lilliput/ae_common.py @@ -0,0 +1,89 @@ +from .constants import BLOCK_BITS, BLOCK_BYTES +from .helpers import xor +from . import tbc + + +def bytes_to_block_matrix(array): + vector = list(array) + + blocks_nb = len(vector)//BLOCK_BYTES + + block_starts = ( + i*BLOCK_BYTES for i in range(blocks_nb) + ) + + matrix = [ + vector[start:start+BLOCK_BYTES] for start in block_starts + ] + + padding_len = len(vector)%BLOCK_BYTES + + if padding_len > 0: + padding = vector[-padding_len:] + matrix.append(padding) + + return matrix + + +def block_matrix_to_bytes(matrix): + return bytes(byte for block in matrix for byte in block) + + +def pad10(X): + zeroes = [0] * (BLOCK_BYTES-len(X)-1) + return zeroes + [0b10000000] + X + + +def _tweak_associated_data(t, i, padded): + t_bytes = t//8 + tweak = [0]*(t_bytes) + + mask = 0xff + for byte in range(t_bytes-1): + tweak[byte] = (i & mask) >> (byte * 8) + mask = mask << 8 + + mask = (0xf << (8 * t_bytes-1)) + tweak[-1] = (i & mask) >> ((t_bytes-1)*8) + if not padded: + tweak[-1] |= 0x20 + else: + tweak[-1] |= 0x60 + + return tweak + + +def build_auth(t, A, key): + Auth = [0 for byte in range(0, BLOCK_BYTES)] + l_a = len(A)//BLOCK_BYTES + need_padding = len(A)%BLOCK_BYTES > 0 + + A = bytes_to_block_matrix(A) + + for i in range(0, l_a): + tweak = _tweak_associated_data(t, i, padded=False) + enc = tbc.encrypt(tweak, key, A[i]) + Auth = xor(Auth, enc) + + if not need_padding: + return Auth + + tweak = _tweak_associated_data(t, l_a, padded=True) + ad_padded = pad10(A[l_a]) + enc = tbc.encrypt(tweak, key, ad_padded) + Auth = xor(Auth, enc) + + return Auth + + +class TagValidationError(Exception): + def __init__(self, announced, computed): + msg = '\n'.join(( + 'Invalid tag:', + announced.hex().upper()+' (announced)', + computed.hex().upper()+' (computed)' + )) + + super().__init__(msg) + self._announced = announced + self._computed = computed -- cgit v1.2.3 From 482091fe1812cf68789a65d7a8b8df9d1be551d2 Mon Sep 17 00:00:00 2001 From: Kévin Le Gouguec Date: Sun, 24 Mar 2019 16:38:18 +0100 Subject: [implem-python] Réécriture de certains range() dans ae_common.py MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Et réutilisation de fonctions Python natives. --- src/add_python/lilliput/ae_common.py | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) (limited to 'src/add_python/lilliput/ae_common.py') diff --git a/src/add_python/lilliput/ae_common.py b/src/add_python/lilliput/ae_common.py index f212353..033b5b0 100644 --- a/src/add_python/lilliput/ae_common.py +++ b/src/add_python/lilliput/ae_common.py @@ -35,32 +35,26 @@ def pad10(X): def _tweak_associated_data(t, i, padded): - t_bytes = t//8 - tweak = [0]*(t_bytes) + tweak = list(i.to_bytes(t//8, 'little')) - mask = 0xff - for byte in range(t_bytes-1): - tweak[byte] = (i & mask) >> (byte * 8) - mask = mask << 8 + prefix = 0b0110 if padded else 0b0010 - mask = (0xf << (8 * t_bytes-1)) - tweak[-1] = (i & mask) >> ((t_bytes-1)*8) - if not padded: - tweak[-1] |= 0x20 - else: - tweak[-1] |= 0x60 + # Clear upper 4 bits and set them to prefix. + tweak[-1] &= 0b00001111 + tweak[-1] = prefix << 4 return tweak def build_auth(t, A, key): - Auth = [0 for byte in range(0, BLOCK_BYTES)] + Auth = [0]*BLOCK_BYTES + l_a = len(A)//BLOCK_BYTES need_padding = len(A)%BLOCK_BYTES > 0 A = bytes_to_block_matrix(A) - for i in range(0, l_a): + for i in range(l_a): tweak = _tweak_associated_data(t, i, padded=False) enc = tbc.encrypt(tweak, key, A[i]) Auth = xor(Auth, enc) -- cgit v1.2.3 From 07af965f2687105324e0142270a9e194a5ae6af5 Mon Sep 17 00:00:00 2001 From: Kévin Le Gouguec Date: Mon, 25 Mar 2019 08:38:01 +0100 Subject: [implem-python] Ajout des entêtes manquants MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/add_python/lilliput/ae_common.py | 17 +++++++++++++++ src/add_python/lilliput/helpers.py | 17 +++++++++++++++ src/add_python/lilliput/multiplications.py | 19 +++++++++++++++++ test/python/crypto_aead.py | 33 +++++++++++++++++++++++------- test/python/genkat_aead.py | 17 ++++++++++++++- 5 files changed, 95 insertions(+), 8 deletions(-) (limited to 'src/add_python/lilliput/ae_common.py') diff --git a/src/add_python/lilliput/ae_common.py b/src/add_python/lilliput/ae_common.py index 033b5b0..83db056 100644 --- a/src/add_python/lilliput/ae_common.py +++ b/src/add_python/lilliput/ae_common.py @@ -1,3 +1,20 @@ +# Implementation of the Lilliput-AE tweakable block cipher. +# +# Authors, hereby denoted as "the implementer": +# Kévin Le Gouguec, +# Léo Reynaud +# 2019. +# +# For more information, feedback or questions, refer to our website: +# https://paclido.fr/lilliput-ae +# +# To the extent possible under law, the implementer has waived all copyright +# and related or neighboring rights to the source code in this file. +# http://creativecommons.org/publicdomain/zero/1.0/ + +"""Helper functions used in both Lilliput-I and Lilliput-II.""" + + from .constants import BLOCK_BITS, BLOCK_BYTES from .helpers import xor from . import tbc diff --git a/src/add_python/lilliput/helpers.py b/src/add_python/lilliput/helpers.py index 048aac7..41f75a6 100644 --- a/src/add_python/lilliput/helpers.py +++ b/src/add_python/lilliput/helpers.py @@ -1,2 +1,19 @@ +# Implementation of the Lilliput-AE tweakable block cipher. +# +# Authors, hereby denoted as "the implementer": +# Kévin Le Gouguec, +# Léo Reynaud +# 2019. +# +# For more information, feedback or questions, refer to our website: +# https://paclido.fr/lilliput-ae +# +# To the extent possible under law, the implementer has waived all copyright +# and related or neighboring rights to the source code in this file. +# http://creativecommons.org/publicdomain/zero/1.0/ + +"""Helper functions used in Lilliput-AE.""" + + def xor(array1, array2): return [a1^a2 for (a1, a2) in zip(array1, array2)] diff --git a/src/add_python/lilliput/multiplications.py b/src/add_python/lilliput/multiplications.py index dfdc3cb..2dea948 100644 --- a/src/add_python/lilliput/multiplications.py +++ b/src/add_python/lilliput/multiplications.py @@ -1,3 +1,22 @@ +# Implementation of the Lilliput-AE tweakable block cipher. +# +# Authors, hereby denoted as "the implementer": +# Kévin Le Gouguec, +# Léo Reynaud +# 2019. +# +# For more information, feedback or questions, refer to our website: +# https://paclido.fr/lilliput-ae +# +# To the extent possible under law, the implementer has waived all copyright +# and related or neighboring rights to the source code in this file. +# http://creativecommons.org/publicdomain/zero/1.0/ + +"""Multiplications for Lilliput-TBC's tweakey schedule. + +This module provides a list of functions implementing lane multiplications, +from ALPHAS[0] = α₀ = I to ALPHAS[6] = α₆ = M_R³. +""" def _multiply_M(lane): diff --git a/test/python/crypto_aead.py b/test/python/crypto_aead.py index 792369c..6a9b328 100644 --- a/test/python/crypto_aead.py +++ b/test/python/crypto_aead.py @@ -1,9 +1,29 @@ +# Implementation of the Lilliput-AE tweakable block cipher. +# +# Authors, hereby denoted as "the implementer": +# Kévin Le Gouguec, +# 2019. +# +# For more information, feedback or questions, refer to our website: +# https://paclido.fr/lilliput-ae +# +# To the extent possible under law, the implementer has waived all copyright +# and related or neighboring rights to the source code in this file. +# http://creativecommons.org/publicdomain/zero/1.0/ + +"""Python port of the crypto_aead API for Lilliput-AE.""" + import lilliput -from lilliput.constants import NONCE_BYTES as NPUBBYTES, TAG_BYTES -# Import KEYBYTES to expose it to genkat_aead. -# Import MODE to provide it to lilliput. -from parameters import KEYBYTES, MODE +from lilliput.constants import ( + NONCE_BYTES as NPUBBYTES, # Expose to genkat_aead. + TAG_BYTES +) + +from parameters import ( + KEYBYTES, # Expose to genkat_aead. + MODE +) def encrypt(m, ad, npub, k): @@ -12,7 +32,6 @@ def encrypt(m, ad, npub, k): def decrypt(c, ad, npub, k): - clen = len(c)-TAG_BYTES - ctext = c[:clen] - tag = c[clen:] + ctext = c[:-TAG_BYTES] + tag = c[-TAG_BYTES:] return lilliput.decrypt(ctext, tag, ad, k, npub, MODE) diff --git a/test/python/genkat_aead.py b/test/python/genkat_aead.py index 5e953c4..db3a89c 100755 --- a/test/python/genkat_aead.py +++ b/test/python/genkat_aead.py @@ -1,11 +1,26 @@ #!/usr/bin/env python3 +# Python port of genkat_aead.c. +# +# Authors, hereby denoted as "the implementer": +# Kévin Le Gouguec, +# 2019. +# +# For more information, feedback or questions, refer to our website: +# https://paclido.fr/lilliput-ae +# +# To the extent possible under law, the implementer has waived all copyright +# and related or neighboring rights to the source code in this file. +# http://creativecommons.org/publicdomain/zero/1.0/ + +"""Python port of the genkat_aead.c program.""" + import crypto_aead class DecryptionError(Exception): def __init__(self): - super().__init__('crypto_aead_decrypt did not recover the plaintext') + super().__init__('crypto_aead.decrypt did not recover the plaintext') MAX_MESSAGE_LENGTH = 32 -- cgit v1.2.3 From 0d0ecee46d6e5d47ff390cbaa254bf0d560d504f Mon Sep 17 00:00:00 2001 From: Kévin Le Gouguec Date: Mon, 25 Mar 2019 09:10:33 +0100 Subject: [implem-python] Ajustements de forme --- src/add_python/lilliput/ae_common.py | 6 +++++- src/add_python/lilliput/ae_mode_1.py | 4 ++-- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'src/add_python/lilliput/ae_common.py') diff --git a/src/add_python/lilliput/ae_common.py b/src/add_python/lilliput/ae_common.py index 83db056..b94be1b 100644 --- a/src/add_python/lilliput/ae_common.py +++ b/src/add_python/lilliput/ae_common.py @@ -51,8 +51,12 @@ def pad10(X): return zeroes + [0b10000000] + X +def integer_to_byte_array(i, n): + return list(i.to_bytes(n, 'little')) + + def _tweak_associated_data(t, i, padded): - tweak = list(i.to_bytes(t//8, 'little')) + tweak = integer_to_byte_array(i, t//8) prefix = 0b0110 if padded else 0b0010 diff --git a/src/add_python/lilliput/ae_mode_1.py b/src/add_python/lilliput/ae_mode_1.py index a5ba7c8..b07adf6 100644 --- a/src/add_python/lilliput/ae_mode_1.py +++ b/src/add_python/lilliput/ae_mode_1.py @@ -87,7 +87,7 @@ def _treat_message_enc(M, N, key): tweak_final = _tweak_message(N, l+1, _MessageTweak.FINAL) Final = tbc.encrypt(tweak_final, key, checksum) - return (Final, C) + return Final, C def _treat_message_dec(C, N, key): @@ -119,7 +119,7 @@ def _treat_message_dec(C, N, key): tweak_final = _tweak_message(N, l+1, _MessageTweak.FINAL) Final = tbc.encrypt(tweak_final, key, checksum) - return (Final, M) + return Final, M def encrypt(A, M, N, key): -- cgit v1.2.3