Exemplo n.º 1
21
    def test_round_trip(self):
        pt = b("A") * 1024
        c1 = ChaCha20.new(key=b("5") * 32, nonce=b("6") * 8)
        c2 = ChaCha20.new(key=b("5") * 32, nonce=b("6") * 8)
        ct = c1.encrypt(pt)
        self.assertEqual(c2.decrypt(ct), pt)

        self.assertEqual(c1.encrypt(b("")), b(""))
        self.assertEqual(c2.decrypt(b("")), b(""))
Exemplo n.º 2
5
    def runTest(self):

        data = b"0123"
        key = b"9" * 32
        nonce = b"t" * 8

        # Encryption
        data_mv = memoryview(bytearray(data))
        key_mv = memoryview(bytearray(key))
        nonce_mv = memoryview(bytearray(nonce))

        cipher1 = ChaCha20.new(key=key, nonce=nonce)
        ct = cipher1.encrypt(data)

        cipher2 = ChaCha20.new(key=key_mv, nonce=nonce_mv)
        key_mv[:1] = b'\xFF'
        nonce_mv[:1] = b'\xFF'
        ct_test = cipher2.encrypt(data_mv)

        self.assertEqual(ct, ct_test)
        self.assertEqual(cipher1.nonce, cipher2.nonce)

        # Decryption
        key_mv = memoryview(bytearray(key))
        nonce_mv = memoryview(bytearray(nonce))
        ct_mv = memoryview(bytearray(ct))

        cipher3 = ChaCha20.new(key=key_mv, nonce=nonce_mv)
        key_mv[:1] = b'\xFF'
        nonce_mv[:1] = b'\xFF'
        pt_test = cipher3.decrypt(ct_mv)

        self.assertEqual(data, pt_test)
Exemplo n.º 3
0
    def runTest(self):

        # Encryption
        data = b("0123")
        key = b("9") * 32
        nonce = b("t") * 8

        cipher1 = ChaCha20.new(key=key, nonce=nonce)
        ref1 = cipher1.encrypt(data)

        cipher2 = ChaCha20.new(key=bytearray(key), nonce=bytearray(nonce))
        ref2 = cipher2.encrypt(bytearray(data))

        self.assertEqual(ref1, ref2)
        self.assertEqual(cipher1.nonce, cipher2.nonce)

        # Decryption

        cipher3 = ChaCha20.new(key=key, nonce=nonce)
        ref3 = cipher3.decrypt(data)

        cipher4 = ChaCha20.new(key=bytearray(key), nonce=bytearray(nonce))
        ref4 = cipher4.decrypt(bytearray(data))

        self.assertEqual(ref3, ref4)
Exemplo n.º 4
0
    def runTest(self):

        data = b"0123"
        key = b"9" * 32
        nonce = b"t" * 8

        # Encryption
        data_mv = memoryview(bytearray(data))
        key_mv = memoryview(bytearray(key))
        nonce_mv = memoryview(bytearray(nonce))

        cipher1 = ChaCha20.new(key=key, nonce=nonce)
        ct = cipher1.encrypt(data)

        cipher2 = ChaCha20.new(key=key_mv, nonce=nonce_mv)
        key_mv[:1] = b'\xFF'
        nonce_mv[:1] = b'\xFF'
        ct_test = cipher2.encrypt(data_mv)

        self.assertEqual(ct, ct_test)
        self.assertEqual(cipher1.nonce, cipher2.nonce)

        # Decryption
        key_mv = memoryview(bytearray(key))
        nonce_mv = memoryview(bytearray(nonce))
        ct_mv = memoryview(bytearray(ct))

        cipher3 = ChaCha20.new(key=key_mv, nonce=nonce_mv)
        key_mv[:1] = b'\xFF'
        nonce_mv[:1] = b'\xFF'
        pt_test = cipher3.decrypt(ct_mv)

        self.assertEqual(data, pt_test)
Exemplo n.º 5
0
    def test_round_trip(self):
        pt = b("A") * 1024
        c1 = ChaCha20.new(key=b("5") * 32, nonce=b("6") * 8)
        c2 = ChaCha20.new(key=b("5") * 32, nonce=b("6") * 8)
        ct = c1.encrypt(pt)
        self.assertEqual(c2.decrypt(ct), pt)

        self.assertEqual(c1.encrypt(b("")), b(""))
        self.assertEqual(c2.decrypt(b("")), b(""))
Exemplo n.º 6
0
    def test_eiter_encrypt_or_decrypt(self):
        """Verify that a cipher cannot be used for both decrypting and encrypting"""

        c1 = ChaCha20.new(key=b("5") * 32, nonce=b("6") * 8)
        c1.encrypt(b("8"))
        self.assertRaises(TypeError, c1.decrypt, b("9"))

        c2 = ChaCha20.new(key=b("5") * 32, nonce=b("6") * 8)
        c2.decrypt(b("8"))
        self.assertRaises(TypeError, c2.encrypt, b("9"))
Exemplo n.º 7
0
    def test_nonce(self):
        key = b'A' * 32

        nonce1 = b'P' * 8
        cipher1 = ChaCha20.new(key=key, nonce=nonce1)
        self.assertEqual(nonce1, cipher1.nonce)

        nonce2 = b'Q' * 12
        cipher2 = ChaCha20.new(key=key, nonce=nonce2)
        self.assertEqual(nonce2, cipher2.nonce)
Exemplo n.º 8
0
    def test_eiter_encrypt_or_decrypt(self):
        """Verify that a cipher cannot be used for both decrypting and encrypting"""

        c1 = ChaCha20.new(key=b("5") * 32, nonce=b("6") * 8)
        c1.encrypt(b("8"))
        self.assertRaises(TypeError, c1.decrypt, b("9"))

        c2 = ChaCha20.new(key=b("5") * 32, nonce=b("6") * 8)
        c2.decrypt(b("8"))
        self.assertRaises(TypeError, c2.encrypt, b("9"))
Exemplo n.º 9
0
    def test_seek(self):
        cipher1 = ChaCha20.new(key=b("9") * 32, nonce=b("e") * 8)

        offset = 64 * 900 + 7
        pt = b("1") * 64

        cipher1.encrypt(b("0") * offset)
        ct1 = cipher1.encrypt(pt)

        cipher2 = ChaCha20.new(key=b("9") * 32, nonce=b("e") * 8)
        cipher2.seek(offset)
        ct2 = cipher2.encrypt(pt)

        self.assertEquals(ct1, ct2)
Exemplo n.º 10
0
    def test_seek(self):
        cipher1 = ChaCha20.new(key=b("9") * 32, nonce=b("e") * 8)

        offset = 64 * 900 + 7
        pt = b("1") * 64

        cipher1.encrypt(b("0") * offset)
        ct1 = cipher1.encrypt(pt)

        cipher2 = ChaCha20.new(key=b("9") * 32, nonce=b("e") * 8)
        cipher2.seek(offset)
        ct2 = cipher2.encrypt(pt)

        self.assertEquals(ct1, ct2)
Exemplo n.º 11
0
 def get_cipher(self, protected_stream_key):
     key_hash = hashlib.sha512(protected_stream_key).digest()
     key = key_hash[:32]
     nonce = key_hash[32:44]
     return ChaCha20.new(
         key=key,
         nonce=nonce
     )
Exemplo n.º 12
0
    def runTest(self):
        # Encrypt/Decrypt data and test output parameter

        key = b'4' * 32
        nonce = b'5' * 8
        cipher = ChaCha20.new(key=key, nonce=nonce)

        pt = b'5' * 16
        ct = cipher.encrypt(pt)

        output = bytearray(16)
        cipher = ChaCha20.new(key=key, nonce=nonce)
        res = cipher.encrypt(pt, output=output)
        self.assertEqual(ct, output)
        self.assertEqual(res, None)

        cipher = ChaCha20.new(key=key, nonce=nonce)
        res = cipher.decrypt(ct, output=output)
        self.assertEqual(pt, output)
        self.assertEqual(res, None)

        import sys
        if sys.version[:3] != '2.6':
            output = memoryview(bytearray(16))
            cipher = ChaCha20.new(key=key, nonce=nonce)
            cipher.encrypt(pt, output=output)
            self.assertEqual(ct, output)

            cipher = ChaCha20.new(key=key, nonce=nonce)
            cipher.decrypt(ct, output=output)
            self.assertEqual(pt, output)

        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(TypeError, cipher.encrypt, pt, output=b'0' * 16)

        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(TypeError, cipher.decrypt, ct, output=b'0' * 16)

        shorter_output = bytearray(7)

        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(ValueError,
                          cipher.encrypt,
                          pt,
                          output=shorter_output)

        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(ValueError,
                          cipher.decrypt,
                          ct,
                          output=shorter_output)
Exemplo n.º 13
0
 def generate_stream(self, key, length):
     """
     The PRG; key is 32 bytes, output is of size length
     """
     assert len(key) == 32
     nonce = b"\x00" * 8  # it's OK to use zero nonce because we only use it once
     c = ChaCha20.new(key=key, nonce=nonce)
     return c.encrypt(b"\x00" * length)
Exemplo n.º 14
0
def generate_tls_chacha20(key, nonce_or_iv):
    nonce = nonce_or_iv
    cipher = ChaCha20.new(key=key, nonce=nonce)

    def do_computation(msg: bytes):
        cipher.encrypt(msg)

    return do_computation
Exemplo n.º 15
0
    def runTest(self):
        # Encrypt/Decrypt data and test output parameter

        key = b'4' * 32
        nonce = b'5' * 8
        cipher = ChaCha20.new(key=key, nonce=nonce)

        pt = b'5' * 300
        ct = cipher.encrypt(pt)

        output = bytearray(len(pt))
        cipher = ChaCha20.new(key=key, nonce=nonce)
        res = cipher.encrypt(pt, output=output)
        self.assertEqual(ct, output)
        self.assertEqual(res, None)

        cipher = ChaCha20.new(key=key, nonce=nonce)
        res = cipher.decrypt(ct, output=output)
        self.assertEqual(pt, output)
        self.assertEqual(res, None)

        output = memoryview(bytearray(len(pt)))
        cipher = ChaCha20.new(key=key, nonce=nonce)
        cipher.encrypt(pt, output=output)
        self.assertEqual(ct, output)

        cipher = ChaCha20.new(key=key, nonce=nonce)
        cipher.decrypt(ct, output=output)
        self.assertEqual(pt, output)

        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(TypeError, cipher.encrypt, pt, output=b'0' * len(pt))

        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(TypeError, cipher.decrypt, ct, output=b'0' * len(pt))

        shorter_output = bytearray(len(pt) - 1)

        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(ValueError,
                          cipher.encrypt,
                          pt,
                          output=shorter_output)

        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(ValueError,
                          cipher.decrypt,
                          ct,
                          output=shorter_output)
Exemplo n.º 16
0
 def create_block_cipher_key(self, secret):
     """
     Compute a block cipher key using the secret
     """
     assert len(secret) == 32
     stream_cipher_key = self.digest.create_stream_cipher_key(secret)
     nonce = b"\x00" * 8  # it's OK to use zero nonce because we only use it once
     c = ChaCha20.new(key=stream_cipher_key, nonce=nonce)
     key = c.encrypt(b"\x00" * Chacha20_Blake2b_Lioness.KEY_LEN)
     assert len(key) == Chacha20_Blake2b_Lioness.KEY_LEN
     return key
Exemplo n.º 17
0
    def test_streaming(self):
        """Verify that an arbitrary number of bytes can be encrypted/decrypted"""
        from Cryptodome.Hash import SHA1

        segments = (1, 3, 5, 7, 11, 17, 23)
        total = sum(segments)

        pt = b("")
        while len(pt) < total:
            pt += SHA1.new(pt).digest()

        cipher1 = ChaCha20.new(key=b("7") * 32, nonce=b("t") * 8)
        ct = cipher1.encrypt(pt)

        cipher2 = ChaCha20.new(key=b("7") * 32, nonce=b("t") * 8)
        cipher3 = ChaCha20.new(key=b("7") * 32, nonce=b("t") * 8)
        idx = 0
        for segment in segments:
            self.assertEqual(cipher2.decrypt(ct[idx:idx+segment]), pt[idx:idx+segment])
            self.assertEqual(cipher3.encrypt(pt[idx:idx+segment]), ct[idx:idx+segment])
            idx += segment
Exemplo n.º 18
0
    def test_streaming(self):
        """Verify that an arbitrary number of bytes can be encrypted/decrypted"""
        from Cryptodome.Hash import SHA1

        segments = (1, 3, 5, 7, 11, 17, 23)
        total = sum(segments)

        pt = b("")
        while len(pt) < total:
            pt += SHA1.new(pt).digest()

        cipher1 = ChaCha20.new(key=b("7") * 32, nonce=b("t") * 8)
        ct = cipher1.encrypt(pt)

        cipher2 = ChaCha20.new(key=b("7") * 32, nonce=b("t") * 8)
        cipher3 = ChaCha20.new(key=b("7") * 32, nonce=b("t") * 8)
        idx = 0
        for segment in segments:
            self.assertEqual(cipher2.decrypt(ct[idx:idx+segment]), pt[idx:idx+segment])
            self.assertEqual(cipher3.encrypt(pt[idx:idx+segment]), ct[idx:idx+segment])
            idx += segment
Exemplo n.º 19
0
def pyCrypto():
    import Cryptodome
    from Cryptodome.Cipher import AES, ChaCha20, DES, DES3, ARC2, ARC4, Blowfish, CAST, PKCS1_v1_5, PKCS1_OAEP, ChaCha20_Poly1305, Salsa20
    from Cryptodome.PublicKey import ElGamal

    Cryptodome.Cipher.AES.new()  # Noncompliant
    Cryptodome.Other.AES.new()  # OK
    AES.new(key=key)  # Noncompliant
    ChaCha20.new(key=key)  # Noncompliant
    DES.new(key=key)  # Noncompliant
    DES3.new(key=key)  # Noncompliant
    ARC2.new(key=key)  # Noncompliant
    ARC4.new(key=key)  # Noncompliant
    Blowfish.new(key=key)  # Noncompliant
    CAST.new(key=key)  # Noncompliant
    PKCS1_v1_5.new(key=key)  # Noncompliant
    PKCS1_OAEP.new(key=key)  # Noncompliant
    ChaCha20_Poly1305.new(key=key)  # Noncompliant
    Salsa20.new(key=key)  # Noncompliant

    ElGamal.generate(key_size)  # Noncompliant
Exemplo n.º 20
0
    def runTest(self):
        # Encrypt/Decrypt data and test output parameter

        key = b'4' * 32
        nonce = b'5' * 8
        cipher = ChaCha20.new(key=key, nonce=nonce)

        pt = b'5' * 16
        ct = cipher.encrypt(pt)

        output = bytearray(16)
        cipher = ChaCha20.new(key=key, nonce=nonce)
        res = cipher.encrypt(pt, output=output)
        self.assertEqual(ct, output)
        self.assertEqual(res, None)
        
        cipher = ChaCha20.new(key=key, nonce=nonce)
        res = cipher.decrypt(ct, output=output)
        self.assertEqual(pt, output)
        self.assertEqual(res, None)

        import sys
        if sys.version[:3] != '2.6':
            output = memoryview(bytearray(16))
            cipher = ChaCha20.new(key=key, nonce=nonce)
            cipher.encrypt(pt, output=output)
            self.assertEqual(ct, output)
        
            cipher = ChaCha20.new(key=key, nonce=nonce)
            cipher.decrypt(ct, output=output)
            self.assertEqual(pt, output)

        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(TypeError, cipher.encrypt, pt, output=b'0'*16)
        
        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(TypeError, cipher.decrypt, ct, output=b'0'*16)

        shorter_output = bytearray(7)
        
        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(ValueError, cipher.encrypt, pt, output=shorter_output)
        
        cipher = ChaCha20.new(key=key, nonce=nonce)
        self.assertRaises(ValueError, cipher.decrypt, ct, output=shorter_output)
Exemplo n.º 21
0
    def decrypt(self, file_path, password):
        private_key = self.get_private_key(password)
        if private_key is None:
            return {'status': False, 'msg': "Cannot get private key"}
        with open(file_path, 'rb') as fi:
            try:
                msg = json.loads(fi.read())
            except ValueError:
                return {'status': False, 'msg': "File structure is damaged"}
            for key, value in msg.iteritems():
                msg[key] = b64decode(value)
            secret_key = PKCS1_OAEP.new(private_key).decrypt(msg['secret_key'])
            try:
                # init cipher
                if msg['alg'] == ALG_OPTIONS[0]:
                    cipher = AES.new(secret_key, AES.MODE_EAX, msg['nonce'])
                elif msg['alg'] == ALG_OPTIONS[1]:
                    cipher = AES.new(secret_key, AES.MODE_OCB, msg['nonce'])
                elif msg['alg'] == ALG_OPTIONS[2]:
                    cipher = AES.new(secret_key, AES.MODE_CFB, msg['iv'])
                elif msg['alg'] == ALG_OPTIONS[3]:
                    cipher = AES.new(secret_key, AES.MODE_CTR, msg['nonce'])
                elif msg['alg'] == ALG_OPTIONS[4]:
                    cipher = DES.new(secret_key, DES.MODE_OFB, iv=msg['iv'])
                elif msg['alg'] == ALG_OPTIONS[5]:
                    cipher = ARC2.new(secret_key, ARC2.MODE_CFB)
                elif msg['alg'] == ALG_OPTIONS[6]:
                    cipher = ARC4.new(secret_key)
                elif msg['alg'] == ALG_OPTIONS[7]:
                    cipher = ChaCha20.new(key=secret_key, nonce=msg['nonce'])
                elif msg['alg'] == ALG_OPTIONS[8]:
                    cipher = Salsa20.new(key=secret_key, nonce=msg['nonce'])
                else:
                    return {'status': False, 'msg': "Cannot define the algorithm used to encrypt this file"}

                # decrypt and verify
                if msg['alg'] in ALG_OPTIONS[1:3]:
                    decrypted_msg = cipher.decrypt_and_verify(msg['cipher_text'], msg['tag'])
                elif msg['alg'] in ALG_OPTIONS[3:]:
                    decrypted_msg = cipher.decrypt(msg['cipher_text'])
                    SHA256.new(decrypted_msg).hexdigest(), msg['tag']
                    if SHA256.new(decrypted_msg).hexdigest() != msg['tag']:
                        raise ValueError
                else:
                    return {'status': False, 'msg': "Cannot define the algorithm used to encrypt this file"}
            except ValueError, KeyError:
                return {'status': False, 'msg': "Decrypt failed, you are not the owner of this file"}
            dir_path, file_name = os.path.split(file_path)
            with open(dir_path + '/' + msg['file_name'], 'wb') as fo:
                fo.write(decrypted_msg)
            return {'status': True, 'msg': "Successfully decrypted file %s" % file_path}
Exemplo n.º 22
0
 def test_seek_tv(self):
     # Test Vector #4, A.1 from
     # http://tools.ietf.org/html/draft-nir-cfrg-chacha20-poly1305-04
     key = bchr(0) + bchr(255) + bchr(0) * 30
     nonce = bchr(0) * 8
     cipher = ChaCha20.new(key=key, nonce=nonce)
     cipher.seek(64 * 2)
     expected_key_stream = unhexlify(
         b("72d54dfbf12ec44b362692df94137f32"
           "8fea8da73990265ec1bbbea1ae9af0ca"
           "13b25aa26cb4a648cb9b9d1be65b2c09"
           "24a66c54d545ec1b7374f4872e99f096"))
     ct = cipher.encrypt(bchr(0) * len(expected_key_stream))
     self.assertEqual(expected_key_stream, ct)
Exemplo n.º 23
0
def chacha20_encrypt(*, key: bytes, nonce: bytes, data: bytes) -> bytes:
    assert isinstance(key, (bytes, bytearray))
    assert isinstance(nonce, (bytes, bytearray))
    assert isinstance(data, (bytes, bytearray))
    assert len(nonce) == 8, f"unexpected nonce size: {len(nonce)} (expected: 8)"
    if HAS_CRYPTODOME:
        cipher = CD_ChaCha20.new(key=key, nonce=nonce)
        return cipher.encrypt(data)
    if HAS_CRYPTOGRAPHY:
        nonce = bytes(8) + nonce  # cryptography wants 16 byte nonces
        algo = CG_algorithms.ChaCha20(key=key, nonce=nonce)
        cipher = CG_Cipher(algo, mode=None, backend=CG_default_backend())
        encryptor = cipher.encryptor()
        return encryptor.update(data)
    raise Exception("no chacha20 backend found")
Exemplo n.º 24
0
 def test_seek_tv(self):
     # Test Vector #4, A.1 from
     # http://tools.ietf.org/html/draft-nir-cfrg-chacha20-poly1305-04
     key = bchr(0) + bchr(255) + bchr(0) * 30
     nonce = bchr(0) * 8
     cipher = ChaCha20.new(key=key, nonce=nonce)
     cipher.seek(64 * 2)
     expected_key_stream = unhexlify(b(
         "72d54dfbf12ec44b362692df94137f32"
         "8fea8da73990265ec1bbbea1ae9af0ca"
         "13b25aa26cb4a648cb9b9d1be65b2c09"
         "24a66c54d545ec1b7374f4872e99f096"
         ))
     ct = cipher.encrypt(bchr(0) * len(expected_key_stream))
     self.assertEqual(expected_key_stream, ct)
Exemplo n.º 25
0
    def encrypt(self, key: bytes, data: bytes, nonce: Optional[bytes] = None) -> bytes:
        """
        Encrypts buffer using ChaCha20 algorithm.

        :param key: Cryptographic key (32 bytes)
        :type key: bytes
        :param data: Buffer to be encrypted
        :type data: bytes
        :param nonce: Nonce value (8/12 bytes, defaults to `b"\\\\x00"*8` )
        :type nonce: bytes, optional
        :return: Encrypted data
        :rtype: bytes
        """
        if nonce is None:
            nonce = b"\x00" * 8
        return ChaCha20Cipher.new(key=key, nonce=nonce).encrypt(data)
Exemplo n.º 26
0
 def write_file(self, location, file, data: bytes) -> int:
     root = self.fs['contents']['files']
     if location != '/':
         path = location.strip('/').split('/')
         for j in path:
             for i in root:
                 if j == i['name'] and i['type'] == 'dir':
                     root = i['files']
                     break
             else:
                 return 1
     for i in root:
         if i['name'] == file:
             cipher = ChaCha20.new(key=self.key[:32], nonce=b64decode(i['nonce']))
             i['contents'] = b64encode(cipher.encrypt(data)).decode()
             return 0
     else:
         return 1
Exemplo n.º 27
0
 def read_file(self, location, file):
     root = self.fs['contents']['files']
     if location != '/':
         path = location.strip('/').split('/')
         for j in path:
             for i in root:
                 if j == i['name'] and i['type'] == 'dir':
                     root = i['files']
                     break
             else:
                 return 1
     for i in root:
         if i['name'] == file:
             data = b64decode(i['contents'])
             cipher = ChaCha20.new(key=self.key[:32], nonce=b64decode(i['nonce']))
             return cipher.decrypt(data)
     else:
         return 1
    def __init__(self, key, nonce):
        """Initialize a ChaCha20-Poly1305 AEAD cipher object

        See also `new()` at the module level."""

        self.nonce = _copy_bytes(None, None, nonce)

        self._next = (self.update, self.encrypt, self.decrypt, self.digest,
                      self.verify)

        self._authenticator = Poly1305.new(key=key, nonce=nonce, cipher=ChaCha20)

        self._cipher = ChaCha20.new(key=key, nonce=nonce)
        self._cipher.seek(64)   # Block counter starts at 1

        self._len_aad = 0
        self._len_ct = 0
        self._mac_tag = None
        self._status = _CipherStatus.PROCESSING_AUTH_DATA
Exemplo n.º 29
0
    def __init__(self, key, nonce):
        """Initialize a ChaCha20-Poly1305 AEAD cipher object

        See also `new()` at the module level."""

        self.nonce = _copy_bytes(None, None, nonce)

        self._next = (self.update, self.encrypt, self.decrypt, self.digest,
                      self.verify)

        self._authenticator = Poly1305.new(key=key, nonce=nonce, cipher=ChaCha20)
        
        self._cipher = ChaCha20.new(key=key, nonce=nonce)
        self._cipher.seek(64)   # Block counter starts at 1

        self._len_aad = 0
        self._len_ct = 0
        self._mac_tag = None
        self._status = _CipherStatus.PROCESSING_AUTH_DATA
Exemplo n.º 30
0
    def test_encrypt(self):
        # Section A.3.2

        pt = b"""
                5468652064686f6c65202870726f6e6f756e6365642022646f6c652229206973
                20616c736f206b6e6f776e2061732074686520417369617469632077696c6420
                646f672c2072656420646f672c20616e642077686973746c696e6720646f672e
                2049742069732061626f7574207468652073697a65206f662061204765726d61
                6e20736865706865726420627574206c6f6f6b73206d6f7265206c696b652061
                206c6f6e672d6c656767656420666f782e205468697320686967686c7920656c
                757369766520616e6420736b696c6c6564206a756d70657220697320636c6173
                736966696564207769746820776f6c7665732c20636f796f7465732c206a6163
                6b616c732c20616e6420666f78657320696e20746865207461786f6e6f6d6963
                2066616d696c792043616e696461652e"""
        pt = unhexlify(pt.replace(b"\n", b"").replace(b" ", b""))

        key = unhexlify(
            b"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f"
        )
        iv = unhexlify(b"404142434445464748494a4b4c4d4e4f5051525354555658")

        ct = b"""
                7d0a2e6b7f7c65a236542630294e063b7ab9b555a5d5149aa21e4ae1e4fbce87
                ecc8e08a8b5e350abe622b2ffa617b202cfad72032a3037e76ffdcdc4376ee05
                3a190d7e46ca1de04144850381b9cb29f051915386b8a710b8ac4d027b8b050f
                7cba5854e028d564e453b8a968824173fc16488b8970cac828f11ae53cabd201
                12f87107df24ee6183d2274fe4c8b1485534ef2c5fbc1ec24bfc3663efaa08bc
                047d29d25043532db8391a8a3d776bf4372a6955827ccb0cdd4af403a7ce4c63
                d595c75a43e045f0cce1f29c8b93bd65afc5974922f214a40b7c402cdb91ae73
                c0b63615cdad0480680f16515a7ace9d39236464328a37743ffc28f4ddb324f4
                d0f5bbdc270c65b1749a6efff1fbaa09536175ccd29fb9e6057b307320d31683
                8a9c71f70b5b5907a66f7ea49aadc409"""
        ct = unhexlify(ct.replace(b"\n", b"").replace(b" ", b""))

        cipher = ChaCha20.new(key=key, nonce=iv)
        cipher.seek(64)  # Counter = 1
        ct_test = cipher.encrypt(pt)
        self.assertEqual(ct, ct_test)
Exemplo n.º 31
0
 def test_default_nonce(self):
     cipher1 = ChaCha20.new(key=bchr(1) * 32)
     cipher2 = ChaCha20.new(key=bchr(1) * 32)
     self.assertEquals(len(cipher1.nonce), 8)
     self.assertNotEqual(cipher1.nonce, cipher2.nonce)
Exemplo n.º 32
0
def generate_cipher_stream(stream_key: bytes, num_bytes: int) -> bytes:
    cipher = ChaCha20.new(key=stream_key, nonce=bytes(8))
    return cipher.encrypt(bytes(num_bytes))
Exemplo n.º 33
0
 def __init__(self, seed_string):
     assert isinstance(seed_string, str) and len(seed_string) == 64
     self.cipher = ChaCha20.new(key=binascii.unhexlify(seed_string),
                                nonce=b"\x00" * 8)
Exemplo n.º 34
0
 def get_cipher(self, master_key, encryption_iv):
     return ChaCha20.new(key=master_key, nonce=encryption_iv)
Exemplo n.º 35
0
    def test_rfc7539(self):
        # from https://tools.ietf.org/html/rfc7539 Annex A.1
        # Each item is: key, nonce, block #, plaintext, ciphertext
        tvs = [
                # Test Vector #1
                (
                    "00"*32,
                    "00"*12,
                    0,
                    "00"*16*4,
                    "76b8e0ada0f13d90405d6ae55386bd28"
                    "bdd219b8a08ded1aa836efcc8b770dc7"
                    "da41597c5157488d7724e03fb8d84a37"
                    "6a43b8f41518a11cc387b669b2ee6586"
                ),
                # Test Vector #2
                (
                    "00"*31 + "01",
                    "00"*11 + "02",
                    1,
                    "416e79207375626d697373696f6e2074"
                    "6f20746865204945544620696e74656e"
                    "6465642062792074686520436f6e7472"
                    "696275746f7220666f72207075626c69"
                    "636174696f6e20617320616c6c206f72"
                    "2070617274206f6620616e2049455446"
                    "20496e7465726e65742d447261667420"
                    "6f722052464320616e6420616e792073"
                    "746174656d656e74206d616465207769"
                    "7468696e2074686520636f6e74657874"
                    "206f6620616e20494554462061637469"
                    "7669747920697320636f6e7369646572"
                    "656420616e20224945544620436f6e74"
                    "7269627574696f6e222e205375636820"
                    "73746174656d656e747320696e636c75"
                    "6465206f72616c2073746174656d656e"
                    "747320696e2049455446207365737369"
                    "6f6e732c2061732077656c6c20617320"
                    "7772697474656e20616e6420656c6563"
                    "74726f6e696320636f6d6d756e696361"
                    "74696f6e73206d61646520617420616e"
                    "792074696d65206f7220706c6163652c"
                    "20776869636820617265206164647265"
                    "7373656420746f",
                    "a3fbf07df3fa2fde4f376ca23e827370"
                    "41605d9f4f4f57bd8cff2c1d4b7955ec"
                    "2a97948bd3722915c8f3d337f7d37005"
                    "0e9e96d647b7c39f56e031ca5eb6250d"
                    "4042e02785ececfa4b4bb5e8ead0440e"
                    "20b6e8db09d881a7c6132f420e527950"
                    "42bdfa7773d8a9051447b3291ce1411c"
                    "680465552aa6c405b7764d5e87bea85a"
                    "d00f8449ed8f72d0d662ab052691ca66"
                    "424bc86d2df80ea41f43abf937d3259d"
                    "c4b2d0dfb48a6c9139ddd7f76966e928"
                    "e635553ba76c5c879d7b35d49eb2e62b"
                    "0871cdac638939e25e8a1e0ef9d5280f"
                    "a8ca328b351c3c765989cbcf3daa8b6c"
                    "cc3aaf9f3979c92b3720fc88dc95ed84"
                    "a1be059c6499b9fda236e7e818b04b0b"
                    "c39c1e876b193bfe5569753f88128cc0"
                    "8aaa9b63d1a16f80ef2554d7189c411f"
                    "5869ca52c5b83fa36ff216b9c1d30062"
                    "bebcfd2dc5bce0911934fda79a86f6e6"
                    "98ced759c3ff9b6477338f3da4f9cd85"
                    "14ea9982ccafb341b2384dd902f3d1ab"
                    "7ac61dd29c6f21ba5b862f3730e37cfd"
                    "c4fd806c22f221"
                ),
                # Test Vector #3
                (
                    "1c9240a5eb55d38af333888604f6b5f0"
                    "473917c1402b80099dca5cbc207075c0",
                    "00"*11 + "02",
                    42,
                    "2754776173206272696c6c69672c2061"
                    "6e642074686520736c6974687920746f"
                    "7665730a446964206779726520616e64"
                    "2067696d626c6520696e207468652077"
                    "6162653a0a416c6c206d696d73792077"
                    "6572652074686520626f726f676f7665"
                    "732c0a416e6420746865206d6f6d6520"
                    "7261746873206f757467726162652e",
                    "62e6347f95ed87a45ffae7426f27a1df"
                    "5fb69110044c0d73118effa95b01e5cf"
                    "166d3df2d721caf9b21e5fb14c616871"
                    "fd84c54f9d65b283196c7fe4f60553eb"
                    "f39c6402c42234e32a356b3e764312a6"
                    "1a5532055716ead6962568f87d3f3f77"
                    "04c6a8d1bcd1bf4d50d6154b6da731b1"
                    "87b58dfd728afa36757a797ac188d1"
                )
        ]

        for tv in tvs:
            key = unhexlify(tv[0])
            nonce = unhexlify(tv[1])
            offset = tv[2] * 64
            pt = unhexlify(tv[3])
            ct_expect = unhexlify(tv[4])

            cipher = ChaCha20.new(key=key, nonce=nonce)
            if offset != 0:
                cipher.seek(offset)
            ct = cipher.encrypt(pt)
            assert(ct == ct_expect)
Exemplo n.º 36
0
 def test_new_positive(self):
     cipher = ChaCha20.new(key=b("0")*32, nonce=b"0"*8)
     self.assertEqual(cipher.nonce, b"0" * 8)
     cipher = ChaCha20.new(key=b("0")*32, nonce=b"0"*12)
     self.assertEqual(cipher.nonce, b"0" * 12)
Exemplo n.º 37
0
 def runTest(self):
     for (key, nonce, stream) in self.tv:
         c = ChaCha20.new(key=unhexlify(b(key)), nonce=unhexlify(b(nonce)))
         ct = unhexlify(b(stream))
         pt = b("\x00") * len(ct)
         self.assertEqual(c.encrypt(pt), ct)
Exemplo n.º 38
0
 def test_default_nonce(self):
     cipher1 = ChaCha20.new(key=bchr(1) * 32)
     cipher2 = ChaCha20.new(key=bchr(1) * 32)
     self.assertEquals(len(cipher1.nonce), 8)
     self.assertNotEqual(cipher1.nonce, cipher2.nonce)
Exemplo n.º 39
0
 def runTest(self):
     for (key, nonce, stream) in self.tv:
         c = ChaCha20.new(key=unhexlify(b(key)), nonce=unhexlify(b(nonce)))
         ct = unhexlify(b(stream))
         pt = b("\x00") * len(ct)
         self.assertEqual(c.encrypt(pt), ct)
Exemplo n.º 40
0
 def test_new_positive(self):
     cipher = ChaCha20.new(key=b("0")*32, nonce=b"0"*8)
     self.assertEqual(cipher.nonce, b"0" * 8)
     cipher = ChaCha20.new(key=b("0")*32, nonce=b"0"*12)
     self.assertEqual(cipher.nonce, b"0" * 12)
Exemplo n.º 41
0
    def test_rfc7539(self):
        # from https://tools.ietf.org/html/rfc7539 Annex A.1
        # Each item is: key, nonce, block #, plaintext, ciphertext
        tvs = [
                # Test Vector #1
                (
                    "00"*32,
                    "00"*12,
                    0,
                    "00"*16*4,
                    "76b8e0ada0f13d90405d6ae55386bd28"
                    "bdd219b8a08ded1aa836efcc8b770dc7"
                    "da41597c5157488d7724e03fb8d84a37"
                    "6a43b8f41518a11cc387b669b2ee6586"
                ),
                # Test Vector #2
                (
                    "00"*31 + "01",
                    "00"*11 + "02",
                    1,
                    "416e79207375626d697373696f6e2074"
                    "6f20746865204945544620696e74656e"
                    "6465642062792074686520436f6e7472"
                    "696275746f7220666f72207075626c69"
                    "636174696f6e20617320616c6c206f72"
                    "2070617274206f6620616e2049455446"
                    "20496e7465726e65742d447261667420"
                    "6f722052464320616e6420616e792073"
                    "746174656d656e74206d616465207769"
                    "7468696e2074686520636f6e74657874"
                    "206f6620616e20494554462061637469"
                    "7669747920697320636f6e7369646572"
                    "656420616e20224945544620436f6e74"
                    "7269627574696f6e222e205375636820"
                    "73746174656d656e747320696e636c75"
                    "6465206f72616c2073746174656d656e"
                    "747320696e2049455446207365737369"
                    "6f6e732c2061732077656c6c20617320"
                    "7772697474656e20616e6420656c6563"
                    "74726f6e696320636f6d6d756e696361"
                    "74696f6e73206d61646520617420616e"
                    "792074696d65206f7220706c6163652c"
                    "20776869636820617265206164647265"
                    "7373656420746f",
                    "a3fbf07df3fa2fde4f376ca23e827370"
                    "41605d9f4f4f57bd8cff2c1d4b7955ec"
                    "2a97948bd3722915c8f3d337f7d37005"
                    "0e9e96d647b7c39f56e031ca5eb6250d"
                    "4042e02785ececfa4b4bb5e8ead0440e"
                    "20b6e8db09d881a7c6132f420e527950"
                    "42bdfa7773d8a9051447b3291ce1411c"
                    "680465552aa6c405b7764d5e87bea85a"
                    "d00f8449ed8f72d0d662ab052691ca66"
                    "424bc86d2df80ea41f43abf937d3259d"
                    "c4b2d0dfb48a6c9139ddd7f76966e928"
                    "e635553ba76c5c879d7b35d49eb2e62b"
                    "0871cdac638939e25e8a1e0ef9d5280f"
                    "a8ca328b351c3c765989cbcf3daa8b6c"
                    "cc3aaf9f3979c92b3720fc88dc95ed84"
                    "a1be059c6499b9fda236e7e818b04b0b"
                    "c39c1e876b193bfe5569753f88128cc0"
                    "8aaa9b63d1a16f80ef2554d7189c411f"
                    "5869ca52c5b83fa36ff216b9c1d30062"
                    "bebcfd2dc5bce0911934fda79a86f6e6"
                    "98ced759c3ff9b6477338f3da4f9cd85"
                    "14ea9982ccafb341b2384dd902f3d1ab"
                    "7ac61dd29c6f21ba5b862f3730e37cfd"
                    "c4fd806c22f221"
                ),
                # Test Vector #3
                (
                    "1c9240a5eb55d38af333888604f6b5f0"
                    "473917c1402b80099dca5cbc207075c0",
                    "00"*11 + "02",
                    42,
                    "2754776173206272696c6c69672c2061"
                    "6e642074686520736c6974687920746f"
                    "7665730a446964206779726520616e64"
                    "2067696d626c6520696e207468652077"
                    "6162653a0a416c6c206d696d73792077"
                    "6572652074686520626f726f676f7665"
                    "732c0a416e6420746865206d6f6d6520"
                    "7261746873206f757467726162652e",
                    "62e6347f95ed87a45ffae7426f27a1df"
                    "5fb69110044c0d73118effa95b01e5cf"
                    "166d3df2d721caf9b21e5fb14c616871"
                    "fd84c54f9d65b283196c7fe4f60553eb"
                    "f39c6402c42234e32a356b3e764312a6"
                    "1a5532055716ead6962568f87d3f3f77"
                    "04c6a8d1bcd1bf4d50d6154b6da731b1"
                    "87b58dfd728afa36757a797ac188d1"
                )
        ]

        for tv in tvs:
            key = unhexlify(tv[0])
            nonce = unhexlify(tv[1])
            offset = tv[2] * 64
            pt = unhexlify(tv[3])
            ct_expect = unhexlify(tv[4])

            cipher = ChaCha20.new(key=key, nonce=nonce)
            if offset != 0:
                cipher.seek(offset)
            ct = cipher.encrypt(pt)
            assert(ct == ct_expect)
Exemplo n.º 42
0
 def test_nonce(self):
     key = b'A' * 32
     nonce = b'P' * 24
     cipher = ChaCha20.new(key=key, nonce=nonce)
     self.assertEqual(nonce, cipher.nonce)