def _create_base_cipher(dict_parameters):
"""This method instantiates and returns a smart pointer to
a low-level base cipher. It will absorb named parameters in
the process."""
try:
key = dict_parameters.pop("key")
salt = dict_parameters.pop("salt")
cost = dict_parameters.pop("cost")
except KeyError as e:
raise TypeError("Missing EKSBlowfish parameter: " + str(e))
if len(key) not in key_size:
raise ValueError("Incorrect EKSBlowfish key length (%d bytes)" %
len(key))
if len(salt) != 16:
raise ValueError("Incorrect salt length (%d bytes)" % len(salt))
start_operation = _raw_blowfish_lib.EKSBlowfish_start_operation
stop_operation = _raw_blowfish_lib.EKSBlowfish_stop_operation
void_p = VoidPointer()
result = start_operation(c_uint8_ptr(key), c_size_t(len(key)),
c_uint8_ptr(salt), c_uint(cost),
void_p.address_of())
if result:
raise ValueError(
"Error %X while instantiating the EKSBlowfish cipher" % result)
return SmartPointer(void_p.get(), stop_operation)
def __init__(self, x, y, curve="p256"):
try:
self._curve = _curves[curve]
except KeyError:
raise ValueError("Unknown curve name %s" % str(curve))
self._curve_name = curve
modulus_bytes = self.size_in_bytes()
context = self._curve.context
xb = long_to_bytes(x, modulus_bytes)
yb = long_to_bytes(y, modulus_bytes)
if len(xb) != modulus_bytes or len(yb) != modulus_bytes:
raise ValueError("Incorrect coordinate length")
self._point = VoidPointer()
result = _ec_lib.ec_ws_new_point(self._point.address_of(),
c_uint8_ptr(xb),
c_uint8_ptr(yb),
c_size_t(modulus_bytes),
context.get())
if result:
if result == 15:
raise ValueError("The EC point does not belong to the curve")
raise ValueError("Error %d while instantiating an EC point" % result)
# Ensure that object disposal of this Python object will (eventually)
# free the memory allocated by the raw library for the EC point
self._point = SmartPointer(self._point.get(),
_ec_lib.ec_free_point)
def __init__(self, key, nonce):
"""Initialize a Salsa20 cipher object
See also `new()` at the module level."""
if len(key) not in key_size:
raise ValueError("Incorrect key length for Salsa20 (%d bytes)" % len(key))
if len(nonce) != 8:
raise ValueError("Incorrect nonce length for Salsa20 (%d bytes)" %
len(nonce))
self.nonce = _copy_bytes(None, None, nonce)
self._state = VoidPointer()
result = _raw_salsa20_lib.Salsa20_stream_init(
c_uint8_ptr(key),
c_size_t(len(key)),
c_uint8_ptr(nonce),
c_size_t(len(nonce)),
self._state.address_of())
if result:
raise ValueError("Error %d instantiating a Salsa20 cipher")
self._state = SmartPointer(self._state.get(),
_raw_salsa20_lib.Salsa20_stream_destroy)
self.block_size = 1
self.key_size = len(key)
def _encrypt(self, plaintext, output):
"""Encrypt without FSM checks"""
if output is None:
ciphertext = create_string_buffer(len(plaintext))
else:
ciphertext = output
if not is_writeable_buffer(output):
raise TypeError(
"output must be a bytearray or a writeable memoryview")
if len(plaintext) != len(output):
raise ValueError(
"output must have the same length as the input"
" (%d bytes)" % len(plaintext))
result = _raw_chacha20_lib.chacha20_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
c_uint8_ptr(ciphertext),
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with %s" %
(result, self._name))
if output is None:
return get_raw_buffer(ciphertext)
else:
return None
def init_p384():
p = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff
b = 0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef
order = 0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973
Gx = 0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760aB7
Gy = 0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5F
p384_modulus = long_to_bytes(p, 48)
p384_b = long_to_bytes(b, 48)
p384_order = long_to_bytes(order, 48)
ec_p384_context = VoidPointer()
result = _ec_lib.ec_ws_new_context(ec_p384_context.address_of(),
c_uint8_ptr(p384_modulus),
c_uint8_ptr(p384_b),
c_uint8_ptr(p384_order),
c_size_t(len(p384_modulus)),
c_ulonglong(getrandbits(64)))
if result:
raise ImportError("Error %d initializing P-384 context" % result)
context = SmartPointer(ec_p384_context.get(), _ec_lib.ec_free_context)
p384 = _Curve(
Integer(p),
Integer(b),
Integer(order),
Integer(Gx),
Integer(Gy),
None,
384,
"1.3.132.0.34", # SEC 2
context,
"NIST P-384",
"ecdsa-sha2-nistp384")
_curves.update(dict.fromkeys(p384_names, p384))
def _encrypt(self, plaintext, output):
"""Encrypt without FSM checks"""
if output is None:
ciphertext = create_string_buffer(len(plaintext))
else:
ciphertext = output
if not is_writeable_buffer(output):
raise TypeError("output must be a bytearray or a writeable memoryview")
if len(plaintext) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(plaintext))
result = _raw_chacha20_lib.chacha20_encrypt(
self._state.get(),
c_uint8_ptr(plaintext),
c_uint8_ptr(ciphertext),
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with ChaCha20" % result)
if output is None:
return get_raw_buffer(ciphertext)
else:
return None
def init_p256():
p = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
b = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
order = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
Gx = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
Gy = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5
p256_modulus = long_to_bytes(p, 32)
p256_b = long_to_bytes(b, 32)
p256_order = long_to_bytes(order, 32)
ec_p256_context = VoidPointer()
result = _ec_lib.ec_ws_new_context(ec_p256_context.address_of(),
c_uint8_ptr(p256_modulus),
c_uint8_ptr(p256_b),
c_uint8_ptr(p256_order),
c_size_t(len(p256_modulus)),
c_ulonglong(getrandbits(64)))
if result:
raise ImportError("Error %d initializing P-256 context" % result)
context = SmartPointer(ec_p256_context.get(), _ec_lib.ec_free_context)
p256 = _Curve(
Integer(p),
Integer(b),
Integer(order),
Integer(Gx),
Integer(Gy),
None,
256,
"1.2.840.10045.3.1.7", # ANSI X9.62
context,
"NIST P-256",
"ecdsa-sha2-nistp256")
_curves.update(dict.fromkeys(p256_names, p256))
def init_p521():
p = 0x000001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
b = 0x00000051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00
order = 0x000001fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409
Gx = 0x000000c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66
Gy = 0x0000011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650
p521_modulus = long_to_bytes(p, 66)
p521_b = long_to_bytes(b, 66)
p521_order = long_to_bytes(order, 66)
ec_p521_context = VoidPointer()
result = _ec_lib.ec_ws_new_context(ec_p521_context.address_of(),
c_uint8_ptr(p521_modulus),
c_uint8_ptr(p521_b),
c_uint8_ptr(p521_order),
c_size_t(len(p521_modulus)),
c_ulonglong(getrandbits(64)))
if result:
raise ImportError("Error %d initializing P-521 context" % result)
context = SmartPointer(ec_p521_context.get(), _ec_lib.ec_free_context)
p521 = _Curve(
Integer(p),
Integer(b),
Integer(order),
Integer(Gx),
Integer(Gy),
None,
521,
"1.3.132.0.35", # SEC 2
context,
"NIST P-521",
"ecdsa-sha2-nistp521")
_curves.update(dict.fromkeys(p521_names, p521))
def decrypt(self, ciphertext, output=None):
"""Decrypt data with the key and the parameters set at initialization.
A cipher object is stateful: once you have decrypted a message
you cannot decrypt (or encrypt) another message with the same
object.
The data to decrypt can be broken up in two or
more pieces and `decrypt` can be called multiple times.
That is, the statement:
>>> c.decrypt(a) + c.decrypt(b)
is equivalent to:
>>> c.decrypt(a+b)
This function does not remove any padding from the plaintext.
:Parameters:
ciphertext : bytes/bytearray/memoryview
The piece of data to decrypt.
It can be of any length.
:Keywords:
output : bytearray/memoryview
The location where the plaintext is written to.
If ``None``, the plaintext is returned.
:Return:
If ``output`` is ``None``, the plaintext is returned as ``bytes``.
Otherwise, ``None``.
"""
if self.decrypt not in self._next:
raise TypeError("decrypt() cannot be called after encrypt()")
self._next = [self.decrypt]
if output is None:
plaintext = create_string_buffer(len(ciphertext))
else:
plaintext = output
if not is_writeable_buffer(output):
raise TypeError("output must be a bytearray or a writeable memoryview")
if len(ciphertext) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(plaintext))
result = raw_ofb_lib.OFB_decrypt(self._state.get(),
c_uint8_ptr(ciphertext),
c_uint8_ptr(plaintext),
c_size_t(len(ciphertext)))
if result:
raise ValueError("Error %d while decrypting in OFB mode" % result)
if output is None:
return get_raw_buffer(plaintext)
else:
return None
def __init__(self, x, y, curve="p256"):
try:
self._curve = _curves[curve]
except KeyError:
raise ValueError("Unknown curve name %s" % str(curve))
self._curve_name = curve
modulus_bytes = self.size_in_bytes()
context = self._curve.context
xb = long_to_bytes(x, modulus_bytes)
yb = long_to_bytes(y, modulus_bytes)
if len(xb) != modulus_bytes or len(yb) != modulus_bytes:
raise ValueError("Incorrect coordinate length")
self._point = VoidPointer()
result = _ec_lib.ec_ws_new_point(self._point.address_of(),
c_uint8_ptr(xb), c_uint8_ptr(yb),
c_size_t(modulus_bytes),
context.get())
if result:
if result == 15:
raise ValueError("The EC point does not belong to the curve")
raise ValueError("Error %d while instantiating an EC point" %
result)
# Ensure that object disposal of this Python object will (eventually)
# free the memory allocated by the raw library for the EC point
self._point = SmartPointer(self._point.get(), _ec_lib.ec_free_point)
def __init__(self, key, nonce):
"""Initialize a Salsa20 cipher object
See also `new()` at the module level."""
if len(key) not in key_size:
raise ValueError("Incorrect key length for Salsa20 (%d bytes)" % len(key))
if len(nonce) != 8:
raise ValueError("Incorrect nonce length for Salsa20 (%d bytes)" %
len(nonce))
self.nonce = _copy_bytes(None, None, nonce)
self._state = VoidPointer()
result = _raw_salsa20_lib.Salsa20_stream_init(
c_uint8_ptr(key),
c_size_t(len(key)),
c_uint8_ptr(nonce),
c_size_t(len(nonce)),
self._state.address_of())
if result:
raise ValueError("Error %d instantiating a Salsa20 cipher")
self._state = SmartPointer(self._state.get(),
_raw_salsa20_lib.Salsa20_stream_destroy)
self.block_size = 1
self.key_size = len(key)
def xy(self):
xb = bytearray(32)
yb = bytearray(32)
result = _ec_lib.ec_ws_get_xy(c_uint8_ptr(xb), c_uint8_ptr(yb),
c_size_t(len(xb)), self._point.get())
if result:
raise ValueError("Error %d while encoding an EC point" % result)
return [Integer(bytes_to_long(c)) for c in (xb, yb)]
def encrypt(self, plaintext, output=None):
"""Encrypt data with the key set at initialization.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
This function does not add any padding to the plaintext.
:Parameters:
plaintext : bytes/bytearray/memoryview
The piece of data to encrypt.
The length must be multiple of the cipher block length.
:Keywords:
output : bytearray/memoryview
The location where the ciphertext must be written to.
If ``None``, the ciphertext is returned.
:Return:
If ``output`` is ``None``, the ciphertext is returned as ``bytes``.
Otherwise, ``None``.
"""
if output is None:
ciphertext = create_string_buffer(len(plaintext))
else:
ciphertext = output
if not is_writeable_buffer(output):
raise TypeError(
"output must be a bytearray or a writeable memoryview")
if len(plaintext) != len(output):
raise ValueError(
"output must have the same length as the input"
" (%d bytes)" % len(plaintext))
result = raw_ecb_lib.ECB_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
c_uint8_ptr(ciphertext),
c_size_t(len(plaintext)))
if result:
if result == 3:
raise ValueError(
"Data must be aligned to block boundary in ECB mode")
raise ValueError("Error %d while encrypting in ECB mode" % result)
if output is None:
return get_raw_buffer(ciphertext)
else:
return None
def xy(self):
order_bytes = self._curve.order.size_in_bytes()
xb = bytearray(order_bytes)
yb = bytearray(order_bytes)
result = _ec_lib.ec_ws_get_xy(c_uint8_ptr(xb), c_uint8_ptr(yb),
c_size_t(len(xb)), self._point.get())
if result:
raise ValueError("Error %d while encoding an EC point" % result)
return (Integer(bytes_to_long(xb)), Integer(bytes_to_long(yb)))
def _pkcs1_decode(em, sentinel, expected_pt_len, output):
if len(em) != len(output):
raise ValueError("Incorrect output length")
ret = _raw_pkcs1_decode.pkcs1_decode(c_uint8_ptr(em), c_size_t(len(em)),
c_uint8_ptr(sentinel),
c_size_t(len(sentinel)),
c_size_t(expected_pt_len),
c_uint8_ptr(output))
return ret
def encrypt(self, plaintext, output=None):
"""Encrypt data with the key set at initialization.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
This function does not add any padding to the plaintext.
:Parameters:
plaintext : bytes/bytearray/memoryview
The piece of data to encrypt.
The length must be multiple of the cipher block length.
:Keywords:
output : bytearray/memoryview
The location where the ciphertext must be written to.
If ``None``, the ciphertext is returned.
:Return:
If ``output`` is ``None``, the ciphertext is returned as ``bytes``.
Otherwise, ``None``.
"""
if output is None:
ciphertext = create_string_buffer(len(plaintext))
else:
ciphertext = output
if not is_writeable_buffer(output):
raise TypeError("output must be a bytearray or a writeable memoryview")
if len(plaintext) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(plaintext))
result = raw_ecb_lib.ECB_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
c_uint8_ptr(ciphertext),
c_size_t(len(plaintext)))
if result:
if result == 3:
raise ValueError("Data must be aligned to block boundary in ECB mode")
raise ValueError("Error %d while encrypting in ECB mode" % result)
if output is None:
return get_raw_buffer(ciphertext)
else:
return None
def xy(self):
modulus_bytes = self.size_in_bytes()
xb = bytearray(modulus_bytes)
yb = bytearray(modulus_bytes)
result = _ec_lib.ec_ws_get_xy(c_uint8_ptr(xb),
c_uint8_ptr(yb),
c_size_t(modulus_bytes),
self._point.get())
if result:
raise ValueError("Error %d while encoding an EC point" % result)
return (Integer(bytes_to_long(xb)), Integer(bytes_to_long(yb)))
def _HChaCha20(key, nonce):
assert (len(key) == 32)
assert (len(nonce) == 16)
subkey = bytearray(32)
result = _raw_chacha20_lib.hchacha20(c_uint8_ptr(key), c_uint8_ptr(nonce),
c_uint8_ptr(subkey))
if result:
raise ValueError("Error %d when deriving subkey with HChaCha20" %
result)
return subkey
def strxor(term1, term2):
"""XOR of two byte strings.
They must have equal length.
Return:
A new byte string, :data:`term1` xored with :data:`term2`.
"""
if len(term1) != len(term2):
raise ValueError("Only byte strings of equal length can be xored")
result = create_string_buffer(len(term1))
_raw_strxor.strxor(c_uint8_ptr(term1), c_uint8_ptr(term2), result,
c_size_t(len(term1)))
return get_raw_buffer(result)
def __init__(self, key, *args, **kwargs):
"""Initialize an ARC4 cipher object
See also `new()` at the module level."""
if len(args) > 0:
ndrop = args[0]
args = args[1:]
else:
ndrop = kwargs.pop('drop', 0)
if len(key) not in key_size:
raise ValueError("Incorrect ARC4 key length (%d bytes)" % len(key))
self._state = VoidPointer()
result = _raw_arc4_lib.ARC4_stream_init(c_uint8_ptr(key),
c_size_t(len(key)),
self._state.address_of())
if result != 0:
raise ValueError("Error %d while creating the ARC4 cipher" %
result)
self._state = SmartPointer(self._state.get(),
_raw_arc4_lib.ARC4_stream_destroy)
if ndrop > 0:
# This is OK even if the cipher is used for decryption,
# since encrypt and decrypt are actually the same thing
# with ARC4.
self.encrypt(b('\x00') * ndrop)
self.block_size = 1
self.key_size = len(key)
def __init__(self, key, nonce):
"""Initialize a ChaCha20/XChaCha20 cipher object
See also `new()` at the module level."""
# XChaCha20 requires a key derivation with HChaCha20
# See 2.3 in https://tools.ietf.org/html/draft-arciszewski-xchacha-03
if len(nonce) == 24:
key = _HChaCha20(key, nonce[:16])
nonce = b'\x00' * 4 + nonce[16:]
self._name = "XChaCha20"
else:
self._name = "ChaCha20"
self.nonce = _copy_bytes(None, None, nonce)
self._next = (self.encrypt, self.decrypt)
self._state = VoidPointer()
result = _raw_chacha20_lib.chacha20_init(self._state.address_of(),
c_uint8_ptr(key),
c_size_t(len(key)),
self.nonce,
c_size_t(len(nonce)))
if result:
raise ValueError("Error %d instantiating a %s cipher" %
(result, self._name))
self._state = SmartPointer(self._state.get(),
_raw_chacha20_lib.chacha20_destroy)
def encrypt(self, plaintext):
"""Encrypt data with the key set at initialization.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
This function does not add any padding to the plaintext.
:Parameters:
plaintext : bytes/bytearray/memoryview
The piece of data to encrypt.
The length must be multiple of the cipher block length.
:Return:
the encrypted data, as a byte string.
It is as long as *plaintext*.
"""
ciphertext = create_string_buffer(len(plaintext))
result = raw_ecb_lib.ECB_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
ciphertext,
c_size_t(len(plaintext)))
if result:
if result == 3:
raise ValueError("Data must be aligned to block boundary in ECB mode")
raise ValueError("Error %d while encrypting in ECB mode" % result)
return get_raw_buffer(ciphertext)
def encrypt(self, plaintext):
"""Encrypt data with the key set at initialization.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
This function does not add any padding to the plaintext.
:Parameters:
plaintext : byte string/array
The piece of data to encrypt.
The length must be multiple of the cipher block length.
:Return:
the encrypted data, as a byte string.
It is as long as *plaintext*.
"""
ciphertext = create_string_buffer(len(plaintext))
result = raw_ecb_lib.ECB_encrypt(self._state.get(),
c_uint8_ptr(plaintext), ciphertext,
c_size_t(len(plaintext)))
if result:
if result == 3:
raise ValueError(
"Data must be aligned to block boundary in ECB mode")
raise ValueError("Error %d while encrypting in ECB mode" % result)
return get_raw_buffer(ciphertext)
def _create_base_cipher(dict_parameters):
"""This method instantiates and returns a handle to a low-level
basic cipher. It will absorb named parameters in the process."""
use_aesni = dict_parameters.pop("use_aesni", True)
try:
key = dict_parameters.pop("key")
except KeyError:
raise TypeError("Missing 'key' parameter")
if len(key) not in key_size:
raise ValueError("Incorrect AES key length (%d bytes)" % len(key))
if use_aesni and _raw_aesni_lib:
start_operation = _raw_aesni_lib.AESNI_start_operation
stop_operation = _raw_aesni_lib.AESNI_stop_operation
else:
start_operation = _raw_aes_lib.AES_start_operation
stop_operation = _raw_aes_lib.AES_stop_operation
cipher = VoidPointer()
result = start_operation(c_uint8_ptr(key), c_size_t(len(key)),
cipher.address_of())
if result:
raise ValueError("Error %X while instantiating the AES cipher" %
result)
return SmartPointer(cipher.get(), stop_operation)
def _create_base_cipher(dict_parameters):
"""This method instantiates and returns a handle to a low-level
basic cipher. It will absorb named parameters in the process."""
try:
key = dict_parameters.pop("key")
except KeyError:
raise TypeError("Missing 'key' parameter")
effective_keylen = dict_parameters.pop("effective_keylen", 1024)
if len(key) not in key_size:
raise ValueError("Incorrect ARC2 key length (%d bytes)" % len(key))
if not (40 < effective_keylen <= 1024):
raise ValueError("'effective_key_len' must be no larger than 1024 "
"(not %d)" % effective_keylen)
start_operation = _raw_arc2_lib.ARC2_start_operation
stop_operation = _raw_arc2_lib.ARC2_stop_operation
cipher = VoidPointer()
result = start_operation(c_uint8_ptr(key), c_size_t(len(key)),
c_size_t(effective_keylen), cipher.address_of())
if result:
raise ValueError("Error %X while instantiating the ARC2 cipher" %
result)
return SmartPointer(cipher.get(), stop_operation)
def _update(self, assoc_data, assoc_data_len):
result = _raw_ocb_lib.OCB_update(self._state.get(),
c_uint8_ptr(assoc_data),
c_size_t(assoc_data_len))
if result:
raise ValueError("Error %d while computing MAC in OCB mode" %
result)
def _update(self, data, hash_obj):
result = _raw_keccak_lib.keccak_absorb(hash_obj.get(),
c_uint8_ptr(data),
c_size_t(len(data)))
if result:
raise ValueError("Error %d while updating KangarooTwelve state" %
result)
def from_bytes(byte_string, byteorder='big'):
"""Convert a byte string into a number.
:Parameters:
byte_string : byte string
The input number, encoded in network order.
It can only be non-negative.
byteorder : string
'big' for big-endian integers (default), 'little' for litte-endian.
:Return:
The ``Integer`` object carrying the same value as the input.
"""
result = IntegerGMP(0)
if byteorder == 'big':
pass
elif byteorder == 'little':
byte_string = bytearray(byte_string)
byte_string.reverse()
else:
raise ValueError("Incorrect byteorder")
_gmp.mpz_import(
result._mpz_p,
c_size_t(len(byte_string)), # Amount of words to read
1, # Big endian
c_size_t(1), # Each word is 1 byte long
0, # Endianess within a word - not relevant
c_size_t(0), # No nails
c_uint8_ptr(byte_string))
return result
def __init__(self, key, *args, **kwargs):
"""Initialize an ARC4 cipher object
See also `new()` at the module level."""
if len(args) > 0:
ndrop = args[0]
args = args[1:]
else:
ndrop = kwargs.pop('drop', 0)
if len(key) not in key_size:
raise ValueError("Incorrect ARC4 key length (%d bytes)" %
len(key))
self._state = VoidPointer()
result = _raw_arc4_lib.ARC4_stream_init(c_uint8_ptr(key),
c_size_t(len(key)),
self._state.address_of())
if result != 0:
raise ValueError("Error %d while creating the ARC4 cipher"
% result)
self._state = SmartPointer(self._state.get(),
_raw_arc4_lib.ARC4_stream_destroy)
if ndrop > 0:
# This is OK even if the cipher is used for decryption,
# since encrypt and decrypt are actually the same thing
# with ARC4.
self.encrypt(b'\x00' * ndrop)
self.block_size = 1
self.key_size = len(key)
def _create_base_cipher(dict_parameters):
"""This method instantiates and returns a handle to a low-level
base cipher. It will absorb named parameters in the process."""
try:
key = dict_parameters.pop("key")
except KeyError:
raise TypeError("Missing 'key' parameter")
effective_keylen = dict_parameters.pop("effective_keylen", 1024)
if len(key) not in key_size:
raise ValueError("Incorrect ARC2 key length (%d bytes)" % len(key))
if not (40 < effective_keylen <= 1024):
raise ValueError("'effective_key_len' must be no larger than 1024 "
"(not %d)" % effective_keylen)
start_operation = _raw_arc2_lib.ARC2_start_operation
stop_operation = _raw_arc2_lib.ARC2_stop_operation
cipher = VoidPointer()
result = start_operation(c_uint8_ptr(key),
c_size_t(len(key)),
c_size_t(effective_keylen),
cipher.address_of())
if result:
raise ValueError("Error %X while instantiating the ARC2 cipher"
% result)
return SmartPointer(cipher.get(), stop_operation)
def _create_base_cipher(dict_parameters):
"""This method instantiates and returns a handle to a low-level
base cipher. It will absorb named parameters in the process."""
use_aesni = dict_parameters.pop("use_aesni", True)
try:
key = dict_parameters.pop("key")
except KeyError:
raise TypeError("Missing 'key' parameter")
if len(key) not in key_size:
raise ValueError("Incorrect AES key length (%d bytes)" % len(key))
if use_aesni and _raw_aesni_lib:
start_operation = _raw_aesni_lib.AESNI_start_operation
stop_operation = _raw_aesni_lib.AESNI_stop_operation
else:
start_operation = _raw_aes_lib.AES_start_operation
stop_operation = _raw_aes_lib.AES_stop_operation
cipher = VoidPointer()
result = start_operation(c_uint8_ptr(key),
c_size_t(len(key)),
cipher.address_of())
if result:
raise ValueError("Error %X while instantiating the AES cipher"
% result)
return SmartPointer(cipher.get(), stop_operation)
def strxor(term1, term2):
"""XOR of two byte strings.
They must have equal length.
Return:
A new byte string, :data:`term1` xored with :data:`term2`.
"""
if len(term1) != len(term2):
raise ValueError("Only byte strings of equal length can be xored")
result = create_string_buffer(len(term1))
_raw_strxor.strxor(c_uint8_ptr(term1),
c_uint8_ptr(term2),
result,
c_size_t(len(term1)))
return get_raw_buffer(result)
def __init__(self, block_cipher, initial_counter_block, prefix_len,
counter_len, little_endian):
"""Create a new block cipher, configured in CTR mode.
:Parameters:
block_cipher : C pointer
A smart pointer to the low-level block cipher instance.
initial_counter_block : bytes/bytearray/memoryview
The initial plaintext to use to generate the key stream.
It is as large as the cipher block, and it embeds
the initial value of the counter.
This value must not be reused.
It shall contain a nonce or a random component.
Reusing the *initial counter block* for encryptions
performed with the same key compromises confidentiality.
prefix_len : integer
The amount of bytes at the beginning of the counter block
that never change.
counter_len : integer
The length in bytes of the counter embedded in the counter
block.
little_endian : boolean
True if the counter in the counter block is an integer encoded
in little endian mode. If False, it is big endian.
"""
if len(initial_counter_block) == prefix_len + counter_len:
self.nonce = _copy_bytes(None, prefix_len, initial_counter_block)
"""Nonce; not available if there is a fixed suffix"""
self._state = VoidPointer()
result = raw_ctr_lib.CTR_start_operation(
block_cipher.get(), c_uint8_ptr(initial_counter_block),
c_size_t(len(initial_counter_block)), c_size_t(prefix_len),
counter_len, little_endian, self._state.address_of())
if result:
raise ValueError("Error %X while instatiating the CTR mode" %
result)
# Ensure that object disposal of this Python object will (eventually)
# free the memory allocated by the raw library for the cipher mode
self._state = SmartPointer(self._state.get(),
raw_ctr_lib.CTR_stop_operation)
# Memory allocated for the underlying block cipher is now owed
# by the cipher mode
block_cipher.release()
self.block_size = len(initial_counter_block)
"""The block size of the underlying cipher, in bytes."""
self._next = [self.encrypt, self.decrypt]
def strxor(term1, term2, output=None):
"""From two byte strings of equal length,
create a third one which is the byte-by-byte XOR of the two.
Args:
term1 (bytes/bytearray/memoryview):
The first byte string to XOR.
term2 (bytes/bytearray/memoryview):
The second byte string to XOR.
output (bytearray/memoryview):
The location where the result will be written to.
It must have the same length as ``term1`` and ``term2``.
If ``None``, the result is returned.
:Return:
If ``output`` is ``None``, a new byte string with the result.
Otherwise ``None``.
.. note::
``term1`` and ``term2`` must have the same length.
"""
if len(term1) != len(term2):
raise ValueError("Only byte strings of equal length can be xored")
if output is None:
result = create_string_buffer(len(term1))
else:
# Note: output may overlap with either input
result = output
if not is_writeable_buffer(output):
raise TypeError(
"output must be a bytearray or a writeable memoryview")
if len(term1) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(term1))
_raw_strxor.strxor(c_uint8_ptr(term1), c_uint8_ptr(term2),
c_uint8_ptr(result), c_size_t(len(term1)))
if output is None:
return get_raw_buffer(result)
else:
return None
def __init__(self, r, s, data):
if len(r) != 16:
raise ValueError("Paramater r is not 16 bytes long")
if len(s) != 16:
raise ValueError("Parameter s is not 16 bytes long")
self._mac_tag = None
state = VoidPointer()
result = _raw_poly1305.poly1305_init(state.address_of(),
c_uint8_ptr(r), c_size_t(len(r)),
c_uint8_ptr(s), c_size_t(len(s)))
if result:
raise ValueError("Error %d while instantiating Poly1305" % result)
self._state = SmartPointer(state.get(), _raw_poly1305.poly1305_destroy)
if data:
self.update(data)
def strxor_c(term, c, output=None):
"""From a byte string, create a second one of equal length
where each byte is XOR-red with the same value.
Args:
term(bytes/bytearray/memoryview):
The byte string to XOR.
c (int):
Every byte in the string will be XOR-ed with this value.
It must be between 0 and 255 (included).
output (None or bytearray/memoryview):
The location where the result will be written to.
It must have the same length as ``term``.
If ``None``, the result is returned.
Return:
If ``output`` is ``None``, a new ``bytes`` string with the result.
Otherwise ``None``.
"""
if not 0 <= c < 256:
raise ValueError("c must be in range(256)")
if output is None:
result = create_string_buffer(len(term))
else:
# Note: output may overlap with either input
result = output
if not is_writeable_buffer(output):
raise TypeError(
"output must be a bytearray or a writeable memoryview")
if len(term) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(term))
_raw_strxor.strxor_c(c_uint8_ptr(term), c, c_uint8_ptr(result),
c_size_t(len(term)))
if output is None:
return get_raw_buffer(result)
else:
return None
def update(self, block_data):
assert len(block_data) % 16 == 0
result = _raw_galois_lib.ghash(self._last_y, c_uint8_ptr(block_data),
c_size_t(len(block_data)), self._last_y,
self._exp_key.get())
if result:
raise ValueError("Error %d while updating GMAC" % result)
return self
def strxor_c(term, c, output=None):
"""XOR a byte string with a repeated sequence of characters.
Args:
term(bytes/bytearray/memoryview):
The first term of the XOR operation.
c (bytes):
The byte that makes up the second term of the XOR operation.
output (None or bytearray/memoryview):
If not ``None``, the location where the result is stored into.
Return:
If ``output`` is ``None``, a new ``bytes`` string with the result.
Otherwise ``None``.
"""
if not 0 <= c < 256:
raise ValueError("c must be in range(256)")
if output is None:
result = create_string_buffer(len(term))
else:
# Note: output may overlap with either input
result = output
if not is_writeable_buffer(output):
raise TypeError("output must be a bytearray or a writeable memoryview")
if len(term) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(term))
_raw_strxor.strxor_c(c_uint8_ptr(term),
c,
c_uint8_ptr(result),
c_size_t(len(term))
)
if output is None:
return get_raw_buffer(result)
else:
return None
def __init__(self, x, y):
xb = long_to_bytes(x, 32)
yb = long_to_bytes(y, 32)
assert (len(xb) == 32)
assert (len(yb) == 32)
self._point = VoidPointer()
result = _ec_lib.ec_ws_new_point(self._point.address_of(),
c_uint8_ptr(xb), c_uint8_ptr(yb),
c_size_t(len(xb)),
_ec_p256_context.get())
if result:
if result == 15:
raise ValueError("The EC point does not belong to the curve")
raise ValueError("Error %d while instantiating an EC point" %
result)
# Ensure that object disposal of this Python object will (eventually)
# free the memory allocated by the raw library for the EC point
self._point = SmartPointer(self._point.get(), _ec_lib.ec_free_point)
def update(self, data):
"""Continue hashing of a message by consuming the next chunk of data.
Args:
data (byte string/byte array/memoryview): The next chunk of the message being hashed.
"""
result = _raw_md5_lib.MD5_update(self._state.get(), c_uint8_ptr(data),
c_size_t(len(data)))
if result:
raise ValueError("Error %d while instantiating MD5" % result)
def update(self, data):
if self._mac_tag:
raise TypeError("You can only call 'digest' or 'hexdigest' on this object")
result = _raw_poly1305.poly1305_update(self._state.get(),
c_uint8_ptr(data),
c_size_t(len(data)))
if result:
raise ValueError("Error %d while hashing Poly1305 data" % result)
return self
def strxor(term1, term2, output=None):
"""XOR two byte strings.
Args:
term1 (bytes/bytearray/memoryview):
The first term of the XOR operation.
term2 (bytes/bytearray/memoryview):
The second term of the XOR operation.
output (bytearray/memoryview):
The location where the result must be written to.
If ``None``, the result is returned.
:Return:
If ``output`` is ``None``, a new ``bytes`` string with the result.
Otherwise ``None``.
"""
if len(term1) != len(term2):
raise ValueError("Only byte strings of equal length can be xored")
if output is None:
result = create_string_buffer(len(term1))
else:
# Note: output may overlap with either input
result = output
if not is_writeable_buffer(output):
raise TypeError("output must be a bytearray or a writeable memoryview")
if len(term1) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(term1))
_raw_strxor.strxor(c_uint8_ptr(term1),
c_uint8_ptr(term2),
c_uint8_ptr(result),
c_size_t(len(term1)))
if output is None:
return get_raw_buffer(result)
else:
return None
def strxor_c(term, c):
"""XOR of a byte string with a repeated sequence of characters.
Return:
A new byte string, :data:`term` with all its bytes xored with :data:`c`.
"""
if not 0 <= c < 256:
raise ValueError("c must be in range(256)")
result = create_string_buffer(len(term))
_raw_strxor.strxor_c(c_uint8_ptr(term), c, result, c_size_t(len(term)))
return get_raw_buffer(result)
def update(self, block_data):
assert len(block_data) % 16 == 0
result = _raw_galois_lib.ghash(self._last_y,
c_uint8_ptr(block_data),
c_size_t(len(block_data)),
self._last_y,
self._exp_key.get())
if result:
raise ValueError("Error %d while updating GMAC" % result)
return self
def _encrypt(self, plaintext):
"""Encrypt without FSM checks"""
ciphertext = create_string_buffer(len(plaintext))
result = _raw_chacha20_lib.chacha20_encrypt(
self._state.get(),
c_uint8_ptr(plaintext),
ciphertext,
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with ChaCha20" % result)
return get_raw_buffer(ciphertext)
def __imul__(self, scalar):
"""Multiply this point by a scalar"""
if scalar < 0:
raise ValueError("Scalar multiplication is only defined for non-negative integers")
sb = long_to_bytes(scalar)
result = _ec_lib.ec_ws_scalar(self._point.get(),
c_uint8_ptr(sb),
c_size_t(len(sb)),
c_ulonglong(getrandbits(64)))
if result:
raise ValueError("Error %d during scalar multiplication" % result)
return self
def update(self, data):
"""Continue hashing of a message by consuming the next chunk of data.
Args:
data (byte string/byte array/memoryview): The next chunk of the message being hashed.
"""
result = _raw_sha256_lib.SHA256_update(self._state.get(),
c_uint8_ptr(data),
c_size_t(len(data)))
if result:
raise ValueError("Error %d while hashing data with SHA256"
% result)
def __init__(self, subkey):
assert len(subkey) == 16
self._exp_key = VoidPointer()
result = _raw_galois_lib.ghash_expand(c_uint8_ptr(subkey),
self._exp_key.address_of())
if result:
raise ValueError("Error %d while expanding the GMAC key" % result)
self._exp_key = SmartPointer(self._exp_key.get(),
_raw_galois_lib.ghash_destroy)
# create_string_buffer always returns a string of zeroes
self._last_y = create_string_buffer(16)
def encrypt(self, plaintext, output=None):
"""Encrypt a piece of data.
Args:
plaintext(bytes/bytearray/memoryview): The data to encrypt, of any size.
Keyword Args:
output(bytes/bytearray/memoryview): The location where the ciphertext
is written to. If ``None``, the ciphertext is returned.
Returns:
If ``output`` is ``None``, the ciphertext is returned as ``bytes``.
Otherwise, ``None``.
"""
if output is None:
ciphertext = create_string_buffer(len(plaintext))
else:
ciphertext = output
if not is_writeable_buffer(output):
raise TypeError("output must be a bytearray or a writeable memoryview")
if len(plaintext) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(plaintext))
result = _raw_salsa20_lib.Salsa20_stream_encrypt(
self._state.get(),
c_uint8_ptr(plaintext),
c_uint8_ptr(ciphertext),
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with Salsa20" % result)
if output is None:
return get_raw_buffer(ciphertext)
else:
return None
def __init__(self, block_cipher, iv, segment_size):
"""Create a new block cipher, configured in CFB mode.
:Parameters:
block_cipher : C pointer
A smart pointer to the low-level block cipher instance.
iv : bytes/bytearray/memoryview
The initialization vector to use for encryption or decryption.
It is as long as the cipher block.
**The IV must be unpredictable**. Ideally it is picked randomly.
Reusing the *IV* for encryptions performed with the same key
compromises confidentiality.
segment_size : integer
The number of bytes the plaintext and ciphertext are segmented in.
"""
self._state = VoidPointer()
result = raw_cfb_lib.CFB_start_operation(block_cipher.get(),
c_uint8_ptr(iv),
c_size_t(len(iv)),
c_size_t(segment_size),
self._state.address_of())
if result:
raise ValueError("Error %d while instatiating the CFB mode" % result)
# Ensure that object disposal of this Python object will (eventually)
# free the memory allocated by the raw library for the cipher mode
self._state = SmartPointer(self._state.get(),
raw_cfb_lib.CFB_stop_operation)
# Memory allocated for the underlying block cipher is now owed
# by the cipher mode
block_cipher.release()
self.block_size = len(iv)
"""The block size of the underlying cipher, in bytes."""
self.iv = _copy_bytes(None, None, iv)
"""The Initialization Vector originally used to create the object.
The value does not change."""
self.IV = self.iv
"""Alias for `iv`"""
self._next = [ self.encrypt, self.decrypt ]
def init_p521():
p = 0x000001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
b = 0x00000051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00
order = 0x000001fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409
Gx = 0x000000c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66
Gy = 0x0000011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650
p521_modulus = long_to_bytes(p, 66)
p521_b = long_to_bytes(b, 66)
p521_order = long_to_bytes(order, 66)
ec_p521_context = VoidPointer()
result = _ec_lib.ec_ws_new_context(ec_p521_context.address_of(),
c_uint8_ptr(p521_modulus),
c_uint8_ptr(p521_b),
c_uint8_ptr(p521_order),
c_size_t(len(p521_modulus)),
c_ulonglong(getrandbits(64))
)
if result:
raise ImportError("Error %d initializing P-521 context" % result)
context = SmartPointer(ec_p521_context.get(), _ec_lib.ec_free_context)
p521 = _Curve(Integer(p),
Integer(b),
Integer(order),
Integer(Gx),
Integer(Gy),
None,
521,
"1.3.132.0.35", # SEC 2
context,
"NIST P-521",
"ecdsa-sha2-nistp521")
global p521_names
_curves.update(dict.fromkeys(p521_names, p521))
def init_p256():
p = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
b = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
order = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
Gx = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
Gy = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5
p256_modulus = long_to_bytes(p, 32)
p256_b = long_to_bytes(b, 32)
p256_order = long_to_bytes(order, 32)
ec_p256_context = VoidPointer()
result = _ec_lib.ec_ws_new_context(ec_p256_context.address_of(),
c_uint8_ptr(p256_modulus),
c_uint8_ptr(p256_b),
c_uint8_ptr(p256_order),
c_size_t(len(p256_modulus)),
c_ulonglong(getrandbits(64))
)
if result:
raise ImportError("Error %d initializing P-256 context" % result)
context = SmartPointer(ec_p256_context.get(), _ec_lib.ec_free_context)
p256 = _Curve(Integer(p),
Integer(b),
Integer(order),
Integer(Gx),
Integer(Gy),
None,
256,
"1.2.840.10045.3.1.7", # ANSI X9.62
context,
"NIST P-256",
"ecdsa-sha2-nistp256")
global p256_names
_curves.update(dict.fromkeys(p256_names, p256))
def init_p384():
p = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff
b = 0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef
order = 0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973
Gx = 0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760aB7
Gy = 0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5F
p384_modulus = long_to_bytes(p, 48)
p384_b = long_to_bytes(b, 48)
p384_order = long_to_bytes(order, 48)
ec_p384_context = VoidPointer()
result = _ec_lib.ec_ws_new_context(ec_p384_context.address_of(),
c_uint8_ptr(p384_modulus),
c_uint8_ptr(p384_b),
c_uint8_ptr(p384_order),
c_size_t(len(p384_modulus)),
c_ulonglong(getrandbits(64))
)
if result:
raise ImportError("Error %d initializing P-384 context" % result)
context = SmartPointer(ec_p384_context.get(), _ec_lib.ec_free_context)
p384 = _Curve(Integer(p),
Integer(b),
Integer(order),
Integer(Gx),
Integer(Gy),
None,
384,
"1.3.132.0.34", # SEC 2
context,
"NIST P-384",
"ecdsa-sha2-nistp384")
global p384_names
_curves.update(dict.fromkeys(p384_names, p384))
def update(self, data):
"""Continue hashing of a message by consuming the next chunk of data.
Args:
data (byte string/array): The next chunk of the message being hashed.
"""
if self._digest_done and not self._update_after_digest:
raise TypeError("You can only call 'digest' or 'hexdigest' on this object")
result = _raw_blake2b_lib.blake2b_update(self._state.get(),
c_uint8_ptr(data),
c_size_t(len(data)))
if result:
raise ValueError("Error %d while hashing BLAKE2b data" % result)
return self
def update(self, data):
"""Continue hashing of a message by consuming the next chunk of data.
Args:
data (byte string/byte array/memoryview): The next chunk of the message being hashed.
"""
if self._is_squeezing:
raise TypeError("You cannot call 'update' after the first 'read'")
result = _raw_keccak_lib.keccak_absorb(self._state.get(),
c_uint8_ptr(data),
c_size_t(len(data)))
if result:
raise ValueError("Error %d while updating SHAKE256 state"
% result)
return self
def encrypt(self, plaintext):
"""Encrypt data with the key and the parameters set at initialization.
A cipher object is stateful: once you have encrypted a message
you cannot encrypt (or decrypt) another message using the same
object.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
That also means that you cannot reuse an object for encrypting
or decrypting other data with the same key.
This function does not add any padding to the plaintext.
:Parameters:
plaintext : bytes/bytearray/memoryview
The piece of data to encrypt.
Its lenght must be multiple of the cipher block size.
:Return:
the encrypted data, as a byte string.
It is as long as *plaintext*.
"""
if self.encrypt not in self._next:
raise TypeError("encrypt() cannot be called after decrypt()")
self._next = [ self.encrypt ]
ciphertext = create_string_buffer(len(plaintext))
result = raw_cbc_lib.CBC_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
ciphertext,
c_size_t(len(plaintext)))
if result:
if result == 3:
raise ValueError("Data must be padded to %d byte boundary in CBC mode" % self.block_size)
raise ValueError("Error %d while encrypting in CBC mode" % result)
return get_raw_buffer(ciphertext)
def update(self, data):
"""Continue hashing of a message by consuming the next chunk of data.
Args:
data (byte string/byte array/memoryview): The next chunk of the message being hashed.
"""
if self._digest_done and not self._update_after_digest:
raise TypeError("You can only call 'digest' or 'hexdigest' on this object")
result = _raw_keccak_lib.keccak_absorb(self._state.get(),
c_uint8_ptr(data),
c_size_t(len(data)))
if result:
raise ValueError("Error %d while updating SHA-3/384"
% result)
return self
def encrypt(self, plaintext):
"""Encrypt a piece of data.
:param plaintext: The data to encrypt, of any size.
:type plaintext: bytes, bytearray, memoryview
:returns: the encrypted byte string, of equal length as the
plaintext.
"""
ciphertext = create_string_buffer(len(plaintext))
result = _raw_arc4_lib.ARC4_stream_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
ciphertext,
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with RC4" % result)
return get_raw_buffer(ciphertext)
def encrypt(self, plaintext):
"""Encrypt data with the key and the parameters set at initialization.
A cipher object is stateful: once you have encrypted a message
you cannot encrypt (or decrypt) another message using the same
object.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
This function does not add any padding to the plaintext.
:Parameters:
plaintext : bytes/bytearray/memoryview
The piece of data to encrypt.
It can be of any length.
:Return:
the encrypted data, as a byte string.
It is as long as *plaintext*.
"""
if self.encrypt not in self._next:
raise TypeError("encrypt() cannot be called after decrypt()")
self._next = [self.encrypt]
ciphertext = create_string_buffer(len(plaintext))
result = raw_ctr_lib.CTR_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
ciphertext,
c_size_t(len(plaintext)))
if result:
if result == 0x60002:
raise OverflowError("The counter has wrapped around in"
" CTR mode")
raise ValueError("Error %X while encrypting in CTR mode" % result)
return get_raw_buffer(ciphertext)
def __init__(self, key, nonce):
"""Initialize a ChaCha20 cipher object
See also `new()` at the module level."""
self.nonce = _copy_bytes(None, None, nonce)
self._next = ( self.encrypt, self.decrypt )
self._state = VoidPointer()
result = _raw_chacha20_lib.chacha20_init(
self._state.address_of(),
c_uint8_ptr(key),
c_size_t(len(key)),
self.nonce,
c_size_t(len(nonce)))
if result:
raise ValueError("Error %d instantiating a ChaCha20 cipher")
self._state = SmartPointer(self._state.get(),
_raw_chacha20_lib.chacha20_destroy)
