def encrypt(self, plaintext):
"""Encrypt data with the key set at initialization.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
This function does not add any padding to the plaintext.
:Parameters:
plaintext : byte string
The piece of data to encrypt.
The length must be multiple of the cipher block length.
:Return:
the encrypted data, as a byte string.
It is as long as *plaintext*.
"""
expect_byte_string(plaintext)
ciphertext = create_string_buffer(len(plaintext))
result = raw_ecb_lib.ECB_encrypt(self._state.get(),
plaintext,
ciphertext,
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting in ECB mode" % result)
return get_raw_buffer(ciphertext)
def _encrypt(self, plaintext, output):
"""Encrypt without FSM checks"""
if output is None:
ciphertext = create_string_buffer(len(plaintext))
else:
ciphertext = output
if not is_writeable_buffer(output):
raise TypeError("output must be a bytearray or a writeable memoryview")
if len(plaintext) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(plaintext))
result = _raw_chacha20_lib.chacha20_encrypt(
self._state.get(),
c_uint8_ptr(plaintext),
c_uint8_ptr(ciphertext),
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with ChaCha20" % result)
if output is None:
return get_raw_buffer(ciphertext)
else:
return None
def read(self, length):
"""
Compute the next piece of XOF output.
.. note::
You cannot use :meth:`update` anymore after the first call to
:meth:`read`.
Args:
length (integer): the amount of bytes this method must return
:return: the next piece of XOF output (of the given length)
:rtype: byte string
"""
self._is_squeezing = True
bfr = create_string_buffer(length)
result = _raw_keccak_lib.keccak_squeeze(self._state.get(),
bfr,
c_size_t(length))
if result:
raise ValueError("Error %d while extracting from SHAKE128"
% result)
return get_raw_buffer(bfr)
def _transcrypt_aligned(self, in_data, in_data_len, trans_func, trans_desc):
out_data = create_string_buffer(in_data_len)
result = trans_func(self._state.get(), in_data, out_data, c_size_t(in_data_len))
if result:
raise ValueError("Error %d while %sing in OCB mode" % (result, trans_desc))
return get_raw_buffer(out_data)
def strxor_c(term, c):
"""Return term xored with a sequence of characters c."""
expect_byte_string(term)
if not 0 <= c < 256:
raise ValueError("c must be in range(256)")
result = create_string_buffer(len(term))
_raw_strxor.strxor_c(term, c, result, c_size_t(len(term)))
return get_raw_buffer(result)
def _transcrypt_aligned(self, in_data, in_data_len, trans_func,
trans_desc):
out_data = create_string_buffer(in_data_len)
result = trans_func(self._state.get(), in_data, out_data,
c_size_t(in_data_len))
if result:
raise ValueError("Error %d while %sing in OCB mode" %
(result, trans_desc))
return get_raw_buffer(out_data)
def _squeeze(self, hash_obj, length, padding):
bfr = create_string_buffer(length)
result = _raw_keccak_lib.keccak_squeeze(hash_obj.get(), bfr,
c_size_t(length),
c_ubyte(padding))
if result:
raise ValueError("Error %d while extracting from KangarooTwelve" %
result)
return get_raw_buffer(bfr)
def encrypt(self, plaintext, output=None):
"""Encrypt data with the key set at initialization.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
This function does not add any padding to the plaintext.
:Parameters:
plaintext : bytes/bytearray/memoryview
The piece of data to encrypt.
The length must be multiple of the cipher block length.
:Keywords:
output : bytearray/memoryview
The location where the ciphertext must be written to.
If ``None``, the ciphertext is returned.
:Return:
If ``output`` is ``None``, the ciphertext is returned as ``bytes``.
Otherwise, ``None``.
"""
if output is None:
ciphertext = create_string_buffer(len(plaintext))
else:
ciphertext = output
if not is_writeable_buffer(output):
raise TypeError("output must be a bytearray or a writeable memoryview")
if len(plaintext) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(plaintext))
result = raw_ecb_lib.ECB_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
c_uint8_ptr(ciphertext),
c_size_t(len(plaintext)))
if result:
if result == 3:
raise ValueError("Data must be aligned to block boundary in ECB mode")
raise ValueError("Error %d while encrypting in ECB mode" % result)
if output is None:
return get_raw_buffer(ciphertext)
else:
return None
def strxor(term1, term2):
"""Return term1 xored with term2.
The two byte strings must have equal length."""
expect_byte_string(term1)
expect_byte_string(term2)
if len(term1) != len(term2):
raise ValueError("Only byte strings of equal length can be xored")
result = create_string_buffer(len(term1))
_raw_strxor.strxor(term1, term2, result, c_size_t(len(term1)))
return get_raw_buffer(result)
def encrypt(self, plaintext, output=None):
"""Encrypt data with the key set at initialization.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
This function does not add any padding to the plaintext.
:Parameters:
plaintext : bytes/bytearray/memoryview
The piece of data to encrypt.
The length must be multiple of the cipher block length.
:Keywords:
output : bytearray/memoryview
The location where the ciphertext must be written to.
If ``None``, the ciphertext is returned.
:Return:
If ``output`` is ``None``, the ciphertext is returned as ``bytes``.
Otherwise, ``None``.
"""
if output is None:
ciphertext = create_string_buffer(len(plaintext))
else:
ciphertext = output
if not is_writeable_buffer(output):
raise TypeError("output must be a bytearray or a writeable memoryview")
if len(plaintext) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(plaintext))
result = raw_ecb_lib.ECB_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
c_uint8_ptr(ciphertext),
c_size_t(len(plaintext)))
if result:
if result == 3:
raise ValueError("Data must be aligned to block boundary in ECB mode")
raise ValueError("Error %d while encrypting in ECB mode" % result)
if output is None:
return get_raw_buffer(ciphertext)
else:
return None
def strxor_c(term, c):
"""XOR of a byte string with a repeated sequence of characters.
Return:
A new byte string, :data:`term` with all its bytes xored with :data:`c`.
"""
if not 0 <= c < 256:
raise ValueError("c must be in range(256)")
result = create_string_buffer(len(term))
_raw_strxor.strxor_c(c_uint8_ptr(term), c, result, c_size_t(len(term)))
return get_raw_buffer(result)
def _encrypt(self, plaintext):
"""Encrypt without FSM checks"""
ciphertext = create_string_buffer(len(plaintext))
result = _raw_chacha20_lib.chacha20_encrypt(
self._state.get(),
c_uint8_ptr(plaintext),
ciphertext,
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with ChaCha20" % result)
return get_raw_buffer(ciphertext)
def _encrypt(self, plaintext):
"""Encrypt without FSM checks"""
ciphertext = create_string_buffer(len(plaintext))
result = _raw_chacha20_lib.chacha20_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
ciphertext,
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with ChaCha20" %
result)
return get_raw_buffer(ciphertext)
def _compute_mac_tag(self):
if self._mac_tag is not None:
return
if self._cache_A:
self._update(self._cache_A, len(self._cache_A))
self._cache_A = b("")
mac_tag = create_string_buffer(16)
result = _raw_ocb_lib.OCB_digest(self._state.get(), mac_tag, c_size_t(len(mac_tag)))
if result:
raise ValueError("Error %d while computing digest in OCB mode" % result)
self._mac_tag = get_raw_buffer(mac_tag)[: self._mac_len]
def digest(self):
"""Return the **binary** (non-printable) digest of the message that has been hashed so far.
:return: The hash digest, computed over the data processed so far.
Binary form.
:rtype: byte string
"""
bfr = create_string_buffer(self.digest_size)
result = _raw_md5_lib.MD5_digest(self._state.get(), bfr)
if result:
raise ValueError("Error %d while instantiating MD5" % result)
return get_raw_buffer(bfr)
def digest(self):
if self._mac_tag:
return self._mac_tag
bfr = create_string_buffer(16)
result = _raw_poly1305.poly1305_digest(self._state.get(), bfr,
c_size_t(len(bfr)))
if result:
raise ValueError("Error %d while creating Poly1305 digest" %
result)
self._mac_tag = get_raw_buffer(bfr)
return self._mac_tag
def to_bytes(self, block_size=0, byteorder='big'):
"""Convert the number into a byte string.
This method encodes the number in network order and prepends
as many zero bytes as required. It only works for non-negative
values.
:Parameters:
block_size : integer
The exact size the output byte string must have.
If zero, the string has the minimal length.
byteorder : string
'big' for big-endian integers (default), 'little' for litte-endian.
:Returns:
A byte string.
:Raise ValueError:
If the value is negative or if ``block_size`` is
provided and the length of the byte string would exceed it.
"""
if self < 0:
raise ValueError("Conversion only valid for non-negative numbers")
buf_len = (_gmp.mpz_sizeinbase(self._mpz_p, 2) + 7) // 8
if buf_len > block_size > 0:
raise ValueError("Number is too big to convert to byte string"
" of prescribed length")
buf = create_string_buffer(buf_len)
_gmp.mpz_export(
buf,
null_pointer, # Ignore countp
1, # Big endian
c_size_t(1), # Each word is 1 byte long
0, # Endianess within a word - not relevant
c_size_t(0), # No nails
self._mpz_p)
result = b'\x00' * max(0, block_size - buf_len) + get_raw_buffer(buf)
if byteorder == 'big':
pass
elif byteorder == 'little':
result = bytearray(result)
result.reverse()
result = bytes(result)
else:
raise ValueError("Incorrect byteorder")
return result
def inplace_pow(self, exponent, modulus=None):
exp_value = int(exponent)
if exp_value < 0:
raise ValueError("Exponent must not be negative")
# No modular reduction
if modulus is None:
self._value = pow(self._value, exp_value)
return self
# With modular reduction
mod_value = int(modulus)
if mod_value < 0:
raise ValueError("Modulus must be positive")
if mod_value == 0:
raise ZeroDivisionError("Modulus cannot be zero")
# C extension only works with odd moduli
if (mod_value & 1) == 0:
self._value = pow(self._value, exp_value, mod_value)
return self
# C extension only works with bases smaller than modulus
if self._value >= mod_value:
self._value %= mod_value
max_len = len(long_to_bytes(max(self._value, exp_value, mod_value)))
base_b = long_to_bytes(self._value, max_len)
exp_b = long_to_bytes(exp_value, max_len)
modulus_b = long_to_bytes(mod_value, max_len)
out = create_string_buffer(max_len)
error = _raw_montgomery.monty_pow(
out,
base_b,
exp_b,
modulus_b,
c_size_t(max_len),
c_ulonglong(getrandbits(64))
)
if error:
raise ValueError("monty_pow failed with error: %d" % error)
result = bytes_to_long(get_raw_buffer(out))
self._value = result
return self
def inplace_pow(self, exponent, modulus=None):
exp_value = int(exponent)
if exp_value < 0:
raise ValueError("Exponent must not be negative")
# No modular reduction
if modulus is None:
self._value = pow(self._value, exp_value)
return self
# With modular reduction
mod_value = int(modulus)
if mod_value < 0:
raise ValueError("Modulus must be positive")
if mod_value == 0:
raise ZeroDivisionError("Modulus cannot be zero")
# C extension only works with odd moduli
if (mod_value & 1) == 0:
self._value = pow(self._value, exp_value, mod_value)
return self
# C extension only works with bases smaller than modulus
if self._value >= mod_value:
self._value %= mod_value
max_len = len(long_to_bytes(max(self._value, exp_value, mod_value)))
base_b = long_to_bytes(self._value, max_len)
exp_b = long_to_bytes(exp_value, max_len)
modulus_b = long_to_bytes(mod_value, max_len)
out = create_string_buffer(max_len)
error = _raw_montgomery.monty_pow(
out,
base_b,
exp_b,
modulus_b,
c_size_t(max_len),
c_ulonglong(getrandbits(64))
)
if error:
raise ValueError("monty_pow failed with error: %d" % error)
result = bytes_to_long(get_raw_buffer(out))
self._value = result
return self
def _pbkdf2_hmac_assist(inner, outer, first_digest, iterations):
"""Compute the expensive inner loop in PBKDF-HMAC."""
assert iterations > 0
bfr = create_string_buffer(len(first_digest))
result = _raw_sha512_lib.SHA512_pbkdf2_hmac_assist(
inner._state.get(), outer._state.get(), first_digest, bfr,
c_size_t(iterations), c_size_t(len(first_digest)))
if result:
raise ValueError("Error %d with PBKDF2-HMAC assist for SHA512" %
result)
return get_raw_buffer(bfr)
def _scryptROMix(blocks, n):
"""Sequential memory-hard function for scrypt."""
x = [blocks[i:i + 64] for i in range(0, len(blocks), 64)]
len_x = len(x)
v = [None]*n
load_le_uint32 = _raw_salsa20_lib.load_le_uint32
for i in range(n):
v[i] = x
x = _scryptBlockMix(x, len_x)
for i in range(n):
j = load_le_uint32(x[-1]) & (n - 1)
t = [strxor(x[idx], v[j][idx]) for idx in range(len_x)]
x = _scryptBlockMix(t, len_x)
return b("").join([get_raw_buffer(y) for y in x])
def strxor(term1, term2):
"""XOR of two byte strings.
They must have equal length.
Return:
A new byte string, :data:`term1` xored with :data:`term2`.
"""
if len(term1) != len(term2):
raise ValueError("Only byte strings of equal length can be xored")
result = create_string_buffer(len(term1))
_raw_strxor.strxor(c_uint8_ptr(term1), c_uint8_ptr(term2), result,
c_size_t(len(term1)))
return get_raw_buffer(result)
def strxor(term1, term2):
"""XOR of two byte strings.
They must have equal length.
Return:
A new byte string, :data:`term1` xored with :data:`term2`.
"""
expect_byte_string(term1)
expect_byte_string(term2)
if len(term1) != len(term2):
raise ValueError("Only byte strings of equal length can be xored")
result = create_string_buffer(len(term1))
_raw_strxor.strxor(term1, term2, result, c_size_t(len(term1)))
return get_raw_buffer(result)
def digest(self):
"""Return the **binary** (non-printable) digest of the message that has been hashed so far.
This method does not change the state of the hash object.
You can continue updating the object after calling this function.
:Return: A byte string of `digest_size` bytes. It may contain non-ASCII
characters, including null bytes.
"""
bfr = create_string_buffer(self.digest_size)
result = _raw_sha3_224_lib.SHA3_224_digest(self._state.get(), bfr)
if result:
raise ValueError("Error %d while instantiating SHA-3/224" % result)
return get_raw_buffer(bfr)
def digest(self):
"""Return the **binary** (non-printable) digest of the message that has been hashed so far.
:return: The hash digest, computed over the data processed so far.
Binary form.
:rtype: byte string
"""
bfr = create_string_buffer(self.digest_size)
result = _raw_ripemd160_lib.ripemd160_digest(self._state.get(),
bfr)
if result:
raise ValueError("Error %d while instantiating ripemd160"
% result)
return get_raw_buffer(bfr)
def _compute_mac_tag(self):
if self._mac_tag is not None:
return
if self._cache_A:
self._update(self._cache_A, len(self._cache_A))
self._cache_A = b("")
mac_tag = create_string_buffer(16)
result = _raw_ocb_lib.OCB_digest(self._state.get(), mac_tag,
c_size_t(len(mac_tag)))
if result:
raise ValueError("Error %d while computing digest in OCB mode" %
result)
self._mac_tag = get_raw_buffer(mac_tag)[:self._mac_len]
def digest(self):
"""Return the **binary** (non-printable) digest of the message that has been hashed so far.
:return: The hash digest, computed over the data processed so far.
Binary form.
:rtype: byte string
"""
bfr = create_string_buffer(32)
result = _raw_blake2s_lib.blake2s_digest(self._state.get(), bfr)
if result:
raise ValueError("Error %d while creating BLAKE2s digest" % result)
self._digest_done = True
return get_raw_buffer(bfr)[:self.digest_size]
def digest(self):
"""Return the **binary** (non-printable) digest of the message that has been hashed so far.
:return: The hash digest, computed over the data processed so far.
Binary form.
:rtype: byte string
"""
self._digest_done = True
bfr = create_string_buffer(self.digest_size)
result = _raw_keccak_lib.keccak_digest(self._state.get(), bfr,
c_size_t(self.digest_size))
if result:
raise ValueError("Error %d while squeezing keccak" % result)
return get_raw_buffer(bfr)
def encrypt(self, plaintext):
"""Encrypt a piece of data.
:Parameters:
plaintext : byte string
The piece of data to encrypt. It can be of any size.
:Return: the encrypted data (byte string, as long as the
plaintext).
"""
expect_byte_string(plaintext)
ciphertext = create_string_buffer(len(plaintext))
result = _raw_arc4_lib.ARC4_stream_encrypt(self._state.get(), plaintext, ciphertext, c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with RC4" % result)
return get_raw_buffer(ciphertext)
def read(self, length):
"""Return the next ``length`` bytes of **binary** (non-printable)
digest for the message.
You cannot use ``update`` anymore after the first call to ``read``.
:Return: A byte string of `length` bytes.
"""
self._is_squeezing = True
bfr = create_string_buffer(length)
result = _raw_keccak_lib.keccak_squeeze(self._state.get(), bfr, c_size_t(length))
if result:
raise ValueError("Error %d while extracting from SHAKE256" % result)
return get_raw_buffer(bfr)
def encrypt(self, plaintext):
"""Encrypt a piece of data.
:param plaintext: The data to encrypt, of any size.
:type plaintext: bytes/bytearray/memoryview
:returns: the encrypted byte string, of equal length as the
plaintext.
"""
ciphertext = create_string_buffer(len(plaintext))
result = _raw_salsa20_lib.Salsa20_stream_encrypt(
self._state.get(), c_uint8_ptr(plaintext), ciphertext,
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with Salsa20" % result)
return get_raw_buffer(ciphertext)
def encrypt(self, plaintext):
"""Encrypt data with the key and the parameters set at initialization.
A cipher object is stateful: once you have encrypted a message
you cannot encrypt (or decrypt) another message using the same
object.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
That also means that you cannot reuse an object for encrypting
or decrypting other data with the same key.
This function does not add any padding to the plaintext.
:Parameters:
plaintext : byte string/array
The piece of data to encrypt.
Its lenght must be multiple of the cipher block size.
:Return:
the encrypted data, as a byte string.
It is as long as *plaintext*.
"""
if self.encrypt not in self._next:
raise TypeError("encrypt() cannot be called after decrypt()")
self._next = [self.encrypt]
ciphertext = create_string_buffer(len(plaintext))
result = raw_cbc_lib.CBC_encrypt(self._state.get(),
c_uint8_ptr(plaintext), ciphertext,
c_size_t(len(plaintext)))
if result:
if result == 3:
raise ValueError(
"Data must be padded to %d byte boundary in CBC mode" %
self.block_size)
raise ValueError("Error %d while encrypting in CBC mode" % result)
return get_raw_buffer(ciphertext)
def digest(self):
"""Return the **binary** (non-printable) digest of the message that has been hashed so far.
:return: The hash digest, computed over the data processed so far.
Binary form.
:rtype: byte string
"""
bfr = create_string_buffer(64)
result = _raw_blake2b_lib.blake2b_digest(self._state.get(),
bfr)
if result:
raise ValueError("Error %d while creating BLAKE2b digest" % result)
self._digest_done = True
return get_raw_buffer(bfr)[:self.digest_size]
def digest(self):
"""Return the **binary** (non-printable) digest of the message that has been hashed so far.
:return: The hash digest, computed over the data processed so far.
Binary form.
:rtype: byte string
"""
self._digest_done = True
bfr = create_string_buffer(self.digest_size)
result = _raw_keccak_lib.keccak_digest(self._state.get(),
bfr,
c_size_t(self.digest_size))
if result:
raise ValueError("Error %d while squeezing keccak" % result)
return get_raw_buffer(bfr)
def encrypt(self, plaintext):
"""Encrypt a piece of data.
:Parameters:
plaintext : byte string
The piece of data to encrypt. It can be of any size.
:Return: the encrypted data (byte string, as long as the
plaintext).
"""
expect_byte_string(plaintext)
ciphertext = create_string_buffer(len(plaintext))
result = _raw_salsa20_lib.Salsa20_stream_encrypt(
self._state.get(), plaintext, ciphertext, c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with Salsa20" % result)
return get_raw_buffer(ciphertext)
def encrypt(self, plaintext):
"""Encrypt data with the key and the parameters set at initialization.
A cipher object is stateful: once you have encrypted a message
you cannot encrypt (or decrypt) another message using the same
object.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
That also means that you cannot reuse an object for encrypting
or decrypting other data with the same key.
This function does not add any padding to the plaintext.
:Parameters:
plaintext : bytes/bytearray/memoryview
The piece of data to encrypt.
Its lenght must be multiple of the cipher block size.
:Return:
the encrypted data, as a byte string.
It is as long as *plaintext*.
"""
if self.encrypt not in self._next:
raise TypeError("encrypt() cannot be called after decrypt()")
self._next = [ self.encrypt ]
ciphertext = create_string_buffer(len(plaintext))
result = raw_cbc_lib.CBC_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
ciphertext,
c_size_t(len(plaintext)))
if result:
if result == 3:
raise ValueError("Data must be padded to %d byte boundary in CBC mode" % self.block_size)
raise ValueError("Error %d while encrypting in CBC mode" % result)
return get_raw_buffer(ciphertext)
def encrypt(self, plaintext):
"""Encrypt a piece of data.
:param plaintext: The data to encrypt, of any size.
:type plaintext: bytes, bytearray, memoryview
:returns: the encrypted byte string, of equal length as the
plaintext.
"""
ciphertext = create_string_buffer(len(plaintext))
result = _raw_arc4_lib.ARC4_stream_encrypt(self._state.get(),
c_uint8_ptr(plaintext),
ciphertext,
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with RC4" % result)
return get_raw_buffer(ciphertext)
def digest(self):
"""Return the **binary** (non-printable) digest of the message that has been hashed so far.
:return: The hash digest, computed over the data processed so far.
Binary form.
:rtype: byte string
"""
bfr = create_string_buffer(self.digest_size)
result = _raw_sha256_lib.SHA256_digest(self._state.get(),
bfr,
c_size_t(self.digest_size))
if result:
raise ValueError("Error %d while making SHA256 digest"
% result)
return get_raw_buffer(bfr)
def encrypt(self, plaintext):
"""Encrypt a piece of data.
:param plaintext: The data to encrypt, of any size.
:type plaintext: byte string
:returns: the encrypted byte string, of equal length as the
plaintext.
"""
expect_byte_string(plaintext)
ciphertext = create_string_buffer(len(plaintext))
result = _raw_arc4_lib.ARC4_stream_encrypt(self._state.get(),
plaintext, ciphertext,
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with RC4" % result)
return get_raw_buffer(ciphertext)
def encrypt(self, plaintext):
"""Encrypt data with the key and the parameters set at initialization.
A cipher object is stateful: once you have encrypted a message
you cannot encrypt (or decrypt) another message using the same
object.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
This function does not add any padding to the plaintext.
:Parameters:
plaintext : byte string
The piece of data to encrypt.
It can be of any length.
:Return:
the encrypted data, as a byte string.
It is as long as *plaintext*.
"""
if self.encrypt not in self._next:
raise TypeError("encrypt() cannot be called after decrypt()")
self._next = [self.encrypt]
expect_byte_string(plaintext)
ciphertext = create_string_buffer(len(plaintext))
result = raw_ctr_lib.CTR_encrypt(self._state.get(),
plaintext,
ciphertext,
c_size_t(len(plaintext)))
if result:
if result == 0x60002:
raise OverflowError("The counter has wrapped around in"
" CTR mode")
raise ValueError("Error %X while encrypting in CTR mode" % result)
return get_raw_buffer(ciphertext)
def strxor(term1, term2, output=None):
"""From two byte strings of equal length,
create a third one which is the byte-by-byte XOR of the two.
Args:
term1 (bytes/bytearray/memoryview):
The first byte string to XOR.
term2 (bytes/bytearray/memoryview):
The second byte string to XOR.
output (bytearray/memoryview):
The location where the result will be written to.
It must have the same length as ``term1`` and ``term2``.
If ``None``, the result is returned.
:Return:
If ``output`` is ``None``, a new byte string with the result.
Otherwise ``None``.
.. note::
``term1`` and ``term2`` must have the same length.
"""
if len(term1) != len(term2):
raise ValueError("Only byte strings of equal length can be xored")
if output is None:
result = create_string_buffer(len(term1))
else:
# Note: output may overlap with either input
result = output
if not is_writeable_buffer(output):
raise TypeError(
"output must be a bytearray or a writeable memoryview")
if len(term1) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(term1))
_raw_strxor.strxor(c_uint8_ptr(term1), c_uint8_ptr(term2),
c_uint8_ptr(result), c_size_t(len(term1)))
if output is None:
return get_raw_buffer(result)
else:
return None
def digest(self):
"""Return the **binary** (non-printable) digest of the message that has been hashed so far.
This method does not change the state of the hash object.
You can continue updating the object after calling this function.
:Return: A byte string of `digest_size` bytes. It may contain non-ASCII
characters, including null bytes.
"""
bfr = create_string_buffer(self.digest_size)
result = _raw_sha3_384_lib.SHA3_384_digest(self._state.get(),
bfr)
if result:
raise ValueError("Error %d while instantiating SHA-3/384"
% result)
return get_raw_buffer(bfr)
def digest(self):
"""Return the **binary** (non-printable) digest of the message that has been hashed so far.
You cannot update the hash anymore after the first call to ``digest``
(or ``hexdigest``).
:Return: A byte string of `digest_size` bytes.
It may contain non-ASCII characters, including null bytes.
"""
self._digest_done = True
bfr = create_string_buffer(self.digest_size)
result = _raw_keccak_lib.keccak_digest(self._state.get(), bfr,
c_size_t(self.digest_size))
if result:
raise ValueError("Error %d while squeezing keccak" % result)
return get_raw_buffer(bfr)
def _pbkdf2_hmac_assist(inner, outer, first_digest, iterations):
"""Compute the expensive inner loop in PBKDF-HMAC."""
assert iterations > 0
bfr = create_string_buffer(len(first_digest));
result = _raw_sha256_lib.SHA256_pbkdf2_hmac_assist(
inner._state.get(),
outer._state.get(),
first_digest,
bfr,
c_size_t(iterations),
c_size_t(len(first_digest)))
if result:
raise ValueError("Error %d with PBKDF2-HMAC assist for SHA256" % result)
return get_raw_buffer(bfr)
def _pbkdf2_hmac_assist(inner, outer, first_digest, iterations):
"""Compute the expensive inner loop in PBKDF-HMAC."""
assert len(first_digest) == digest_size
assert iterations > 0
bfr = create_string_buffer(digest_size);
result = _raw_md5_lib.MD5_pbkdf2_hmac_assist(
inner._state.get(),
outer._state.get(),
first_digest,
bfr,
c_size_t(iterations))
if result:
raise ValueError("Error %d with PBKDF2-HMAC assis for MD5" % result)
return get_raw_buffer(bfr)
def monty_pow(base, exp, modulus):
max_len = len(long_to_bytes(max(base, exp, modulus)))
base_b, exp_b, modulus_b = [
long_to_bytes(x, max_len) for x in (base, exp, modulus)
]
out = create_string_buffer(max_len)
error = _raw_montgomery.monty_pow(base_b, exp_b, modulus_b, out,
c_size_t(max_len), c_ulonglong(32))
if error == 2:
raise ExceptionModulus()
if error:
raise ValueError("monty_pow failed with error: %d" % error)
result = bytes_to_long(get_raw_buffer(out))
return result
def read(self, length):
"""Return the next ``length`` bytes of **binary** (non-printable)
digest for the message.
You cannot use ``update`` anymore after the first call to ``read``.
:Return: A byte string of `length` bytes.
"""
self._is_squeezing = True
bfr = create_string_buffer(length)
result = _raw_keccak_lib.keccak_squeeze(self._state.get(), bfr,
c_size_t(length))
if result:
raise ValueError("Error %d while extracting from SHAKE256" %
result)
return get_raw_buffer(bfr)
def strxor_c(term, c, output=None):
"""From a byte string, create a second one of equal length
where each byte is XOR-red with the same value.
Args:
term(bytes/bytearray/memoryview):
The byte string to XOR.
c (int):
Every byte in the string will be XOR-ed with this value.
It must be between 0 and 255 (included).
output (None or bytearray/memoryview):
The location where the result will be written to.
It must have the same length as ``term``.
If ``None``, the result is returned.
Return:
If ``output`` is ``None``, a new ``bytes`` string with the result.
Otherwise ``None``.
"""
if not 0 <= c < 256:
raise ValueError("c must be in range(256)")
if output is None:
result = create_string_buffer(len(term))
else:
# Note: output may overlap with either input
result = output
if not is_writeable_buffer(output):
raise TypeError(
"output must be a bytearray or a writeable memoryview")
if len(term) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(term))
_raw_strxor.strxor_c(c_uint8_ptr(term), c, c_uint8_ptr(result),
c_size_t(len(term)))
if output is None:
return get_raw_buffer(result)
else:
return None
def digest(self):
"""Return the **binary** (non-printable) digest of the message that
has been hashed so far.
You cannot update the hash anymore after the first call to ``digest``
(or ``hexdigest``).
:Return: A byte string of `digest_size` bytes. It may contain non-ASCII
characters, including null bytes.
"""
bfr = create_string_buffer(64)
result = _raw_blake2b_lib.blake2b_digest(self._state.get(), bfr)
if result:
raise ValueError("Error %d while creating BLAKE2b digest" % result)
self._digest_done = True
return get_raw_buffer(bfr)[:self.digest_size]
def decrypt(self, ciphertext):
"""Decrypt data with the key and the parameters set at initialization.
A cipher object is stateful: once you have decrypted a message
you cannot decrypt (or encrypt) another message with the same
object.
The data to decrypt can be broken up in two or
more pieces and `decrypt` can be called multiple times.
That is, the statement:
>>> c.decrypt(a) + c.decrypt(b)
is equivalent to:
>>> c.decrypt(a+b)
This function does not remove any padding from the plaintext.
:Parameters:
ciphertext : bytes/bytearray/memoryview
The piece of data to decrypt.
It can be of any length.
:Return: the decrypted data (byte string).
"""
if self.decrypt not in self._next:
raise TypeError("decrypt() cannot be called after encrypt()")
self._next = [self.decrypt]
plaintext = create_string_buffer(len(ciphertext))
result = raw_ctr_lib.CTR_decrypt(self._state.get(),
c_uint8_ptr(ciphertext),
plaintext,
c_size_t(len(ciphertext)))
if result:
if result == 0x60002:
raise OverflowError("The counter has wrapped around in"
" CTR mode")
raise ValueError("Error %X while decrypting in CTR mode" % result)
return get_raw_buffer(plaintext)
def encrypt(self, plaintext):
"""Encrypt a piece of data.
:param plaintext: The data to encrypt, of any size.
:type plaintext: byte string
:returns: the encrypted byte string, of equal length as the
plaintext.
"""
expect_byte_string(plaintext)
ciphertext = create_string_buffer(len(plaintext))
result = _raw_salsa20_lib.Salsa20_stream_encrypt(
self._state.get(),
plaintext,
ciphertext,
c_size_t(len(plaintext)))
if result:
raise ValueError("Error %d while encrypting with Salsa20" % result)
return get_raw_buffer(ciphertext)
def encrypt(self, plaintext):
"""Encrypt data with the key and the parameters set at initialization.
A cipher object is stateful: once you have encrypted a message
you cannot encrypt (or decrypt) another message using the same
object.
The data to encrypt can be broken up in two or
more pieces and `encrypt` can be called multiple times.
That is, the statement:
>>> c.encrypt(a) + c.encrypt(b)
is equivalent to:
>>> c.encrypt(a+b)
This function does not add any padding to the plaintext.
:Parameters:
plaintext : bytes/bytearray/memoryview
The piece of data to encrypt.
It can be of any length.
:Return:
the encrypted data, as a byte string.
It is as long as *plaintext*.
"""
if self.encrypt not in self._next:
raise TypeError("encrypt() cannot be called after decrypt()")
self._next = [self.encrypt]
ciphertext = create_string_buffer(len(plaintext))
result = raw_ctr_lib.CTR_encrypt(self._state.get(),
c_uint8_ptr(plaintext), ciphertext,
c_size_t(len(plaintext)))
if result:
if result == 0x60002:
raise OverflowError("The counter has wrapped around in"
" CTR mode")
raise ValueError("Error %X while encrypting in CTR mode" % result)
return get_raw_buffer(ciphertext)
def digest(self):
"""Return the **binary** (non-printable) digest of the message that has been hashed so far.
You cannot update the hash anymore after the first call to ``digest``
(or ``hexdigest``).
:Return: A byte string of `digest_size` bytes.
It may contain non-ASCII characters, including null bytes.
"""
self._digest_done = True
bfr = create_string_buffer(self.digest_size)
result = _raw_keccak_lib.keccak_digest(self._state.get(),
bfr,
c_size_t(self.digest_size))
if result:
raise ValueError("Error %d while squeezing keccak" % result)
return get_raw_buffer(bfr)
def decrypt(self, ciphertext):
"""Decrypt data with the key and the parameters set at initialization.
A cipher object is stateful: once you have decrypted a message
you cannot decrypt (or encrypt) another message with the same
object.
The data to decrypt can be broken up in two or
more pieces and `decrypt` can be called multiple times.
That is, the statement:
>>> c.decrypt(a) + c.decrypt(b)
is equivalent to:
>>> c.decrypt(a+b)
This function does not remove any padding from the plaintext.
:Parameters:
ciphertext : byte string/array
The piece of data to decrypt.
Its length must be multiple of the cipher block size.
:Return: the decrypted data (byte string).
"""
if self.decrypt not in self._next:
raise TypeError("decrypt() cannot be called after encrypt()")
self._next = [self.decrypt]
plaintext = create_string_buffer(len(ciphertext))
result = raw_cbc_lib.CBC_decrypt(self._state.get(),
c_uint8_ptr(ciphertext), plaintext,
c_size_t(len(ciphertext)))
if result:
if result == 3:
raise ValueError(
"Data must be padded to %d byte boundary in CBC mode" %
self.block_size)
raise ValueError("Error %d while decrypting in CBC mode" % result)
return get_raw_buffer(plaintext)
def strxor_c(term, c, output=None):
"""XOR a byte string with a repeated sequence of characters.
Args:
term(bytes/bytearray/memoryview):
The first term of the XOR operation.
c (bytes):
The byte that makes up the second term of the XOR operation.
output (None or bytearray/memoryview):
If not ``None``, the location where the result is stored into.
Return:
If ``output`` is ``None``, a new ``bytes`` string with the result.
Otherwise ``None``.
"""
if not 0 <= c < 256:
raise ValueError("c must be in range(256)")
if output is None:
result = create_string_buffer(len(term))
else:
# Note: output may overlap with either input
result = output
if not is_writeable_buffer(output):
raise TypeError("output must be a bytearray or a writeable memoryview")
if len(term) != len(output):
raise ValueError("output must have the same length as the input"
" (%d bytes)" % len(term))
_raw_strxor.strxor_c(c_uint8_ptr(term),
c,
c_uint8_ptr(result),
c_size_t(len(term))
)
if output is None:
return get_raw_buffer(result)
else:
return None
def decrypt(self, ciphertext):
"""Decrypt data with the key and the parameters set at initialization.
A cipher object is stateful: once you have decrypted a message
you cannot decrypt (or encrypt) another message with the same
object.
The data to decrypt can be broken up in two or
more pieces and `decrypt` can be called multiple times.
That is, the statement:
>>> c.decrypt(a) + c.decrypt(b)
is equivalent to:
>>> c.decrypt(a+b)
This function does not remove any padding from the plaintext.
:Parameters:
ciphertext : bytes/bytearray/memoryview
The piece of data to decrypt.
Its length must be multiple of the cipher block size.
:Return: the decrypted data (byte string).
"""
if self.decrypt not in self._next:
raise TypeError("decrypt() cannot be called after encrypt()")
self._next = [ self.decrypt ]
plaintext = create_string_buffer(len(ciphertext))
result = raw_cbc_lib.CBC_decrypt(self._state.get(),
c_uint8_ptr(ciphertext),
plaintext,
c_size_t(len(ciphertext)))
if result:
if result == 3:
raise ValueError("Data must be padded to %d byte boundary in CBC mode" % self.block_size)
raise ValueError("Error %d while decrypting in CBC mode" % result)
return get_raw_buffer(plaintext)
def digest(self):
"""Return the **binary** (non-printable) digest of the message that
has been hashed so far.
You cannot update the hash anymore after the first call to ``digest``
(or ``hexdigest``).
:Return: A byte string of `digest_size` bytes. It may contain non-ASCII
characters, including null bytes.
"""
bfr = create_string_buffer(64)
result = _raw_blake2b_lib.blake2b_digest(self._state.get(),
bfr)
if result:
raise ValueError("Error %d while creating BLAKE2b digest" % result)
self._digest_done = True
return get_raw_buffer(bfr)[:self.digest_size]
