def __init__(self, key, implementation, rawAesEncrypt):
self.isBlockCipher = False
self.isAEAD = True
self.nonceLength = 12
self.tagLength = 16
self.implementation = implementation
if len(key) == 16:
self.name = "aes128gcm"
elif len(key) == 32:
self.name = "aes256gcm"
else:
raise AssertionError()
self.key = key
self._rawAesEncrypt = rawAesEncrypt
self._ctr = python_aes.new(self.key, 6, bytearray(b'\x00' * 16))
# The GCM key is AES(0).
h = bytesToNumber(self._rawAesEncrypt(bytearray(16)))
# Pre-compute all 4-bit multiples of h. Note that bits are reversed
# because our polynomial representation places low-order terms at the
# most significant bit. Thus x^0 * h = h is at index 0b1000 = 8 and
# x^1 * h is at index 0b0100 = 4.
self._productTable = [0] * 16
self._productTable[self._reverseBits(1)] = h
for i in range(2, 16, 2):
self._productTable[self._reverseBits(i)] = \
self._gcmShift(self._productTable[self._reverseBits(i//2)])
self._productTable[self._reverseBits(i+1)] = \
self._gcmAdd(self._productTable[self._reverseBits(i)], h)
def createAES(key, IV, implList=None):
"""Create a new AES object.
@type key: str
@param key: A 16, 24, or 32 byte string.
@type IV: str
@param IV: A 16 byte string
@rtype: L{tlslite.utils.AES}
@return: An AES object.
"""
if implList == None:
implList = ["openssl", "tlscrypto", "pycrypto", "python"]
for impl in implList:
if impl == "openssl" and cryptomath.m2cryptoLoaded:
return openssl_aes.new(key, 2, IV)
elif impl == "tlscrypto" and cryptomath.tlscryptoLoaded:
return tlscrypto_aes.new(key, 2, IV)
elif impl == "pycrypto" and cryptomath.pycryptoLoaded:
return pycrypto_aes.new(key, 2, IV)
elif impl == "python":
return python_aes.new(key, 2, IV)
raise NotImplementedError()
def __init__(self, key, implementation, rawAesEncrypt, tag_length=16):
self.isBlockCipher = False
self.isAEAD = True
self.key = key
self.tagLength = tag_length
self.nonceLength = 12
self.implementation = implementation
if len(self.key) == 16 and self.tagLength == 8:
self.name = "aes128ccm_8"
elif len(self.key) == 16 and self.tagLength == 16:
self.name = "aes128ccm"
elif len(self.key) == 32 and self.tagLength == 8:
self.name = "aes256ccm_8"
else:
assert len(self.key) == 32 and self.tagLength == 16
self.name = "aes256ccm"
self._ctr = python_aes.new(self.key, 6, bytearray(b'\x00' * 16))
self._cbc = python_aes.new(self.key, 2, bytearray(b'\x00' * 16))
def createAESCTR(key, IV, implList=None):
"""Create a new AESCTR object.
:type key: str
:param key: A 16, 24, or 32 byte string.
:type IV: str
:param IV: A 8 or 12 byte string
:rtype: tlslite.utils.AES
:returns: An AES object.
"""
if implList is None:
implList = ["python"]
for impl in implList:
if impl == "python":
return python_aes.new(key, 6, IV)
raise NotImplementedError()
def createAES(key, IV, implList=None):
"""Create a new AES object.
@type key: str
@param key: A 16, 24, or 32 byte string.
@type IV: str
@param IV: A 16 byte string
@rtype: L{tlslite.utils.AES}
@return: An AES object.
"""
if implList is None:
implList = ["openssl", "pycrypto", "python"]
for impl in implList:
if impl == "openssl" and cryptomath.m2cryptoLoaded:
return openssl_aes.new(key, 2, IV)
elif impl == "pycrypto" and cryptomath.pycryptoLoaded:
return pycrypto_aes.new(key, 2, IV)
elif impl == "python":
return python_aes.new(key, 2, IV)
raise NotImplementedError()