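def encrypt(cls, cek, plaint, iv, aad, *args, **kwargs):
    """Encrypt ``plaint`` with AES-GCM under ``cek``; return ``(ciphertext, tag)``.

    ``cek`` must be exactly ``cls._KEY_LEN`` bytes and ``iv`` exactly
    ``cls._IV_LEN`` bytes; otherwise ``AssertionError`` is raised.  ``aad`` is
    handed to the cipher as additional authenticated data.  Extra positional
    and keyword arguments are accepted and ignored.

    GCM loses its confidentiality and integrity guarantees if an IV is ever
    reused with the same key.  This function uses the caller's ``iv`` as
    given, so uniqueness per ``cek`` is the caller's responsibility.
    """
    # Explicit checks rather than ``assert``: assert statements are removed
    # under ``python -O`` / PYTHONOPTIMIZE, which would let a wrong-length key
    # or IV reach the cipher.  AssertionError is kept so callers see the same
    # exception type as before.
    if not cek or len(cek) != cls._KEY_LEN:
        raise AssertionError("cek must be exactly %s bytes" % cls._KEY_LEN)
    if not iv or len(iv) != cls._IV_LEN:
        raise AssertionError("iv must be exactly %s bytes" % cls._IV_LEN)

    cipher = AES_GCM(bytes_to_long(cek))
    ciphert, tag = cipher.encrypt(bytes_to_long(iv), plaint, aad)
    # NOTE(review): if long_to_bytes() drops leading zero bytes, a tag whose
    # first byte is 0x00 comes back shorter than the full tag and would fail
    # a fixed-length tag check on the receiving side -- confirm the helper
    # pads to the tag length.
    return ciphert, long_to_bytes(tag)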
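def decrypt(cls, cek, ciphert, iv, aad, tag, *args, **kwargs):
    """Authenticate and decrypt ``ciphert`` with AES-GCM under ``cek``.

    Returns ``(plaintext, True)`` when the tag verifies and ``(None, False)``
    when the cipher raises ``InvalidTagException``.  Callers must check the
    boolean: a ``False`` result means the ciphertext, IV, AAD or tag did not
    authenticate and no plaintext is available.

    ``cek``, ``iv`` and ``tag`` must be exactly ``cls._KEY_LEN``,
    ``cls._IV_LEN`` and ``cls._TAG_LEN`` bytes; otherwise ``AssertionError``
    is raised.  Extra positional and keyword arguments are accepted and
    ignored.
    """
    # Explicit checks rather than ``assert``: assert statements are removed
    # under ``python -O`` / PYTHONOPTIMIZE, which would silently drop the
    # length checks on key, IV and authentication tag.  AssertionError is
    # kept so callers see the same exception type as before.
    if not cek or len(cek) != cls._KEY_LEN:
        raise AssertionError("cek must be exactly %s bytes" % cls._KEY_LEN)
    if not iv or len(iv) != cls._IV_LEN:
        raise AssertionError("iv must be exactly %s bytes" % cls._IV_LEN)
    if not tag or len(tag) != cls._TAG_LEN:
        raise AssertionError("tag must be exactly %s bytes" % cls._TAG_LEN)

    cipher = AES_GCM(bytes_to_long(cek))
    try:
        plaint = cipher.decrypt(
            bytes_to_long(iv), ciphert, bytes_to_long(tag), aad)
    except InvalidTagException:
        # Authentication failed: report it without returning any plaintext.
        return (None, False)
    return plaint, True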
b'\x4b\x72\x21\xb7\x84\xd0\xd4\x9c' + b'\xe3\xaa\x21\x2f\x2c\x02\xa4\xe0' + b'\x35\xc1\x7e\x23\x29\xac\xa1\x2e' + b'\x21\xd5\x14\xb2\x54\x66\x93\x1c' + b'\x7d\x8f\x6a\x5a\xac\x84\xaa\x05' + b'\x1b\xa3\x0b\x39\x6a\x0a\xac\x97' + b'\x3d\x58\xe0\x91', 'auth_tag': 0x5bc94fbc3221a5db94fae95ae7121a47, }) if __name__ == '__main__': num_failures = 0 for test_data in test_cases: test_gcm = AES_GCM(test_data['master_key']) encrypted, tag = test_gcm.encrypt( test_data['init_value'], test_data['plaintext'], test_data['auth_data'] ) states = [] tags = [] ivs = [] aads = [] # extra encryptions s = encrypted for i in range(1000): iv = getrandbits(96)
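def process(line):
    """Consume one line of a GCM test-vector file.

    Lines are handled by shape:

    * ``[Name = value]`` stores an integer in ``current_test_parameters``.
    * ``Count = n`` starts a new test case in the global ``current_test``.
    * ``Name = value`` adds a field to the current test case.
    * ``FAIL`` marks the current test case as expected to fail.
    * A blank line after a test case runs it: the vector is encrypted and
      decrypted with ``AES_GCM`` and the result is compared with the
      expectation, updating ``success_count`` / ``fail_count``.
    * Blank lines outside a test case and lines starting with ``#`` are
      ignored; anything else is reported as unknown.
    """
    global current_test
    global success_count
    global fail_count

    def _format_tag(value):
        # The expected tag is b'' when the vector has no Tag value and the
        # computed tag is None when encryption failed; hex() rejects both.
        try:
            return hex(value)
        except TypeError:
            return repr(value)

    sline = line.strip()
    if sline.startswith("["):
        data = sline[1:-1]
        key, value = data.split("=", 1)
        current_test_parameters[key.strip()] = int(value)
    elif (sline == "" and not current_test) or line.startswith("#"):
        return
    elif sline == "" and 'count' in current_test:
        errors = []
        if 'PT' not in current_test:
            current_test['PT'] = ''
        test_gcm = AES_GCM(int(current_test['Key'], 16))
        # NOTE(review): hex -> int -> long_to_bytes() may drop leading zero
        # bytes of AAD/CT/PT if the helper does not pad -- confirm, since
        # that would change the length of the data under test.
        test_aad = b'' if (len(current_test['AAD']) == 0) else long_to_bytes(
            int(current_test['AAD'], 16))
        test_tag = b'' if (len(current_test['Tag']) == 0) else int(
            current_test['Tag'], 16)
        test_crypttext = b'' if (len(current_test['CT']) == 0) else long_to_bytes(
            int(current_test['CT'], 16))
        test_plaintext = b'' if (len(current_test['PT']) == 0) else long_to_bytes(
            int(current_test['PT'], 16))
        test_iv = int(current_test['IV'], 16)
        # Taglen is given in bits; the cipher is called with a byte count.
        tag_len = int(current_test_parameters['Taglen']) // 8

        # Pre-bind the encryption results so that a ValueError from encrypt()
        # is recorded as a test error instead of surfacing later as an
        # unbound-variable crash in the comparison or the failure report.
        computed_crypttext = b''
        computed_tag = None
        try:
            computed_crypttext, computed_tag = test_gcm.encrypt(
                test_iv, test_plaintext, test_aad, tag_len)
        except ValueError as e:
            errors.append(e)
        else:
            if computed_tag != test_tag:
                errors.append("Tag mismatch after encryption")

        computed_plaintext = b''
        try:
            computed_plaintext = test_gcm.decrypt(test_iv, test_crypttext,
                                                  test_tag, test_aad, tag_len)
            if computed_plaintext != test_plaintext:
                errors.append("Plaintext mismatch")
        except InvalidTagException:
            errors.append("Tag mismatch while decrypting")

        # NOTE(review): a vector marked FAIL passes on any recorded error,
        # including the encryption-side tag mismatch, so a pass here does not
        # by itself show that decrypt() rejected the tag -- consider requiring
        # the InvalidTagException path for FAIL vectors.
        test_passed = current_test['fail'] == bool(errors)
        if not test_passed:
            fail_count += 1
            print("\n\nFailed test %s" % current_test['count'])
            print("Parameters:")
            print(current_test_parameters)
            print("Test case:")
            print(current_test)
            print(errors)
            print("Crypttext")
            print(" Test: %s" % test_crypttext)
            print(" Computed: %s" % computed_crypttext)
            print("Plaintext")
            print(" Test: %s" % test_plaintext)
            print(" Computed: %s" % computed_plaintext)
            print("Tags")
            print(" Test: %s" % _format_tag(test_tag))
            print(" Computed: %s" % _format_tag(computed_tag))
            print("Failed: %s | Success: %s" % (fail_count, success_count))
        else:
            success_count += 1
        current_test = None
    elif line.startswith("Count ="):
        current_test = {'count': int(line.split("=", 1)[1]), 'fail': False}
    elif " = " in line:
        name, value = line.split(" = ", 1)
        current_test[name.strip()] = value.strip()
    elif sline == "FAIL":
        current_test['fail'] = True
    else:
        print("unknown line: %s" % line)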
b'\xe3\xaa\x21\x2f\x2c\x02\xa4\xe0' + b'\x35\xc1\x7e\x23\x29\xac\xa1\x2e' + b'\x21\xd5\x14\xb2\x54\x66\x93\x1c' + b'\x7d\x8f\x6a\x5a\xac\x84\xaa\x05' + b'\x1b\xa3\x0b\x39\x6a\x0a\xac\x97' + b'\x3d\x58\xe0\x91', 'auth_tag': 0x5bc94fbc3221a5db94fae95ae7121a47, }) if __name__ == '__main__': num_failures = 0 for test_data in test_cases: test_tag = test_data['auth_tag'] if type(test_data['auth_tag']) in [bytes, str]: test_tag = bytes_to_long(test_data['auth_tag']) test_gcm = AES_GCM(test_data['master_key']) encrypted, tag = test_gcm.encrypt(test_data['init_value'], test_data['plaintext'], test_data['auth_data']) if type(encrypted) == str: enc_dbg = '\\x' + '\\x'.join('{:02x}'.format(ord(x)) for x in encrypted) else: enc_dbg = '\\x' + '\\x'.join('{:02x}'.format(x) for x in encrypted) tag_dbg = hex(tag) states = [] tags = [] ivs = [] aads = []
def initKeys():
    """Create one AES_GCM cipher per entry of ``devices.devices``.

    Each device record supplies its key under ``'key'``; the resulting cipher
    is stored in the global ``gcms`` mapping under the device's identifier.
    """
    global gcms
    for device_id, device_cfg in devices.devices.iteritems():
        # NOTE(review): the key is used exactly as stored in the device
        # record, with no length or type check at this point -- confirm
        # that the records are validated where they are loaded.
        key_material = device_cfg['key']
        gcms[device_id] = AES_GCM(key_material)
+ b"\xe3\xaa\x21\x2f\x2c\x02\xa4\xe0" + b"\x35\xc1\x7e\x23\x29\xac\xa1\x2e" + b"\x21\xd5\x14\xb2\x54\x66\x93\x1c" + b"\x7d\x8f\x6a\x5a\xac\x84\xaa\x05" + b"\x1b\xa3\x0b\x39\x6a\x0a\xac\x97" + b"\x3d\x58\xe0\x91", "auth_tag": 0x5BC94FBC3221A5DB94FAE95AE7121A47, }, ) if __name__ == "__main__": num_failures = 0 for test_data in test_cases: test_gcm = AES_GCM(test_data["master_key"]) encrypted, tag = test_gcm.encrypt(test_data["init_value"], test_data["plaintext"], test_data["auth_data"]) states = [] tags = [] ivs = [] aads = [] # extra encryptions s = encrypted for i in range(1000): iv = getrandbits(96) a = long_to_bytes(getrandbits(1024)) s, t = test_gcm.encrypt(iv, s, a) states.append(s) tags.append(t)