def aes_ctr_alt_keystream(key, nonce):
if len(nonce) != 8:
raise util.CryptoException('Nonce must be 8 bytes')
for block in ctr_alt_ptext_stream(nonce):
cblock = aes_encrypt_block(block, key)
for b in cblock:
yield b
def xor_crib(b, crib, start, step):
if len(crib) > step:
raise util.CryptoException('Crib longer than step.')
res = b[0:start]
for i in range(start, len(b), step):
res += xor(crib, b[i:])
res += b[i + len(crib):i + step]
return res
def char_to_int(self, char):
if not is_letter(char):
if self.invalid is LetterAction.KEEP or self.invalid is LetterAction.REMOVE:
return self.invalid
raise util.CryptoException(
'Bad character {}: not a letter'.format(char))
case = get_case(char)
if case is self.case or self.case is LetterCase.BOTH or self.invalid_case is LetterAction.CONVERT:
if case is LetterCase.UPPER:
return ord(char) - ORD_A + self.start
def __init__(self, counts=None, fname=None, delta=0.75):
if (counts is None and fname is None) or (counts is not None
and fname is not None):
raise util.CryptoException(
'Exactly one of counts and fname should be given')
if fname is not None:
self.counts = load_ngram_counts(fname)
else:
self.counts = counts
npairs = 0
nbefore = [0] * 256
for b1 in range(256):
for b2 in range(256):
if bytes([b1, b2]) in self.counts:
npairs += 1
nbefore[b2] += 1
self.uniprobs = [nbefore[b] / npairs for b in range(256)]
self.delta = delta
self.maxlen = max(len(k) for k in self.counts)
self.usedbytes = [b for b in range(256) if bytes([b]) in self.counts]
def elgamal_break_two_signatures(p, alpha, beta, gamma, m1, delta1, m2, delta2):
if delta2 > delta1:
delta1, delta2 = delta2, delta1
m1, m2 = m2, m1
d = num.gcd(delta1 - delta2, p-1)
mt = (m1 - m2) // d
deltat = (delta1 - delta2) // d
pt = (p-1) // d
kmodpt = (mt * num.mod_inverse(deltat, pt)) % pt
for i in range(d):
k = (kmodpt + i*pt) % (p-1)
if pow(alpha, k, p) == gamma:
dt = num.gcd(gamma, p-1)
gammat = gamma // dt
ptt = (p-1) // dt
righthand = (m1 - k * delta1) // dt
amodptt = (num.mod_inverse(gammat, ptt) * righthand) % ptt
for j in range(dt):
a = (amodptt + i*ptt) % (p-1)
if pow(alpha, a, p) == beta:
return a,k
raise util.CryptoException('Error: could not calculate elgamal private key.')
if not is_letter(char):
if self.invalid is LetterAction.KEEP or self.invalid is LetterAction.REMOVE:
return self.invalid
raise util.CryptoException(
'Bad character {}: not a letter'.format(char))
case = get_case(char)
if case is self.case or self.case is LetterCase.BOTH or self.invalid_case is LetterAction.CONVERT:
if case is LetterCase.UPPER:
return ord(char) - ORD_A + self.start
else:
return ord(char) - ORD_a + self.start
if self.invalid_case is LetterAction.KEEP or self.invalid_case is LetterAction.REMOVE:
return self.invalid_case
raise util.CryptoException('Bad character {}: wrong case'.format(char))
def encrypt(self, plaintext):
ints, ctx = self._str_2_ints(plaintext)
cipher_ints = self.encrypt_ints(ints)
return self._ints_2_str(cipher_ints, ctx)
def decrypt(self, ciphertext):
ints, ctx = self._str_2_ints(ciphertext)
plain_ints = self.decrypt_ints(ints)
return self._ints_2_str(plain_ints, ctx)
@abc.abstractmethod
def encrypt_ints(self, nums):
"""Encrypt a list of ints and return a list of ints."""
def aes_decrypt_block(ciphertext, key):
if len(ciphertext) != 16:
raise util.CryptoException('Ciphertext must be 16 bytes')
return aes_decrypt(ciphertext, key, modes.ECB(), unpadder=None)
def aes_encrypt_block(plaintext, key):
if len(plaintext) != 16:
raise util.CryptoException('Plaintext must be 16 bytes')
return aes_encrypt(plaintext, key, modes.ECB(), padder=None)