def SEEDEncrypt(plaintext, key, iv):
plaintext = pad(plaintext)
backend = default_backend()
cipher = Cipher(algorithms.SEED(key), modes.CBC(iv), backend=backend)
encryptor = cipher.encryptor()
ciphertext = encryptor.update(plaintext) + encryptor.finalize()
return ciphertext
def encrypt(mode, key, iv, plaintext):
cipher = base.Cipher(algorithms.SEED(binascii.unhexlify(key)),
mode(binascii.unhexlify(iv)), backend)
encryptor = cipher.encryptor()
ct = encryptor.update(binascii.unhexlify(plaintext))
ct += encryptor.finalize()
return binascii.hexlify(ct)
def SEEDDecrypt(ciphertext, key, iv):
backend = default_backend()
cipher = Cipher(algorithms.SEED(key), modes.CBC(iv), backend=backend)
decryptor = cipher.decryptor()
plaintext = decryptor.update(ciphertext) + decryptor.finalize()
plaintext = plaintext[0:123]
return plaintext
def decrypt(key, txt):
mode = modes.ECB()
cipher = base.Cipher(algorithms.SEED(key), mode, backend)
decryptor = cipher.decryptor()
ct = decryptor.update(txt)
ct += decryptor.finalize()
return ct
class TestSEEDModeECB(object):
test_ECB = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "SEED"),
["rfc-4269.txt"],
lambda key, **kwargs: algorithms.SEED(binascii.unhexlify((key))),
lambda **kwargs: modes.ECB(),
)
class TestSEEDModeCBC:
test_cbc = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "SEED"),
["rfc-4196.txt"],
lambda key, **kwargs: algorithms.SEED(binascii.unhexlify((key))),
lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)),
)
class TestSEEDModeCFB(object):
test_CFB = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "SEED"),
["seed-cfb.txt"],
lambda key, **kwargs: algorithms.SEED(binascii.unhexlify((key))),
lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv))
)
def seed_cbc_128_decrypt(key, ciphertext, iv='0123456789012345'):
"""General function - decrypt ciphertext with seed-cbc-128(key, iv)"""
backend = default_backend()
cipher = Cipher(algorithms.SEED(key), modes.CBC(iv), backend=backend)
decryptor = cipher.decryptor()
decrypted_text = decryptor.update(ciphertext)
unpadder = padding.PKCS7(128).unpadder()
unpadded_text = unpadder.update(decrypted_text) + unpadder.finalize()
return unpadded_text
def seed_cbc_128_encrypt(key, plaintext, iv='0123456789012345'):
"""General function - encrypt plaintext with seed-cbc-128(key, iv)"""
backend = default_backend()
cipher = Cipher(algorithms.SEED(key), modes.CBC(iv), backend=backend)
encryptor = cipher.encryptor()
padder = padding.PKCS7(128).padder()
padded_text = padder.update(plaintext) + padder.finalize()
encrypted_text = encryptor.update(padded_text)
return encrypted_text
def _algorithm(self, secret, name='AES'):
if not name:
return algorithms.AES(secret)
name = name.upper()
if name == 'AES':
return algorithms.AES(secret)
if name == 'CAMELLIA':
return algorithms.Camellia(secret)
elif name == 'CAST5':
return algorithms.CAST5(secret)
elif name == 'SEED':
return algorithms.SEED(secret)
else:
return algorithms.AES(secret)
def get_algorithm(self, algorithm, key):
if algorithm == SecurityAlgorithm.none:
return None
elif algorithm == SecurityAlgorithm.aes:
return algorithms.AES(key)
elif algorithm == SecurityAlgorithm.camellia:
return algorithms.Camellia(key)
# elif algorithm == SecurityAlgorithm.chacha20:
# return algorithms.ChaCha20(key)
elif algorithm == SecurityAlgorithm.triple_des:
return algorithms.TripleDES(key)
elif algorithm == SecurityAlgorithm.cast5:
return algorithms.CAST5(key)
elif algorithm == SecurityAlgorithm.seed:
return algorithms.SEED(key)
else:
logger.error("Not supportable algorithm")
def get_cipher(self):
if self.method.startswith('rc4'):
return Cipher(algorithms.ARC4(self.key), None, default_backend())
if self.method.endswith('ctr'):
mode = modes.CTR(self.iv)
elif self.method.endswith('ofb'):
mode = modes.OFB(self.iv)
elif self.method.endswith('cfb8'):
mode = modes.CFB8(self.iv)
else:
mode = modes.CFB(self.iv)
if self.method.startswith('aes'):
return Cipher(algorithms.AES(self.key), mode, default_backend())
if self.method.startswith('camellia'):
return Cipher(algorithms.Camellia(self.key), mode, default_backend())
if self.method.startswith('seed'):
return Cipher(algorithms.SEED(self.key), mode, default_backend())
raise ValueError('crypto method %s not supported!' % self.method)
def start_cifra(key,iv,who):
global CSUIT
alg,modo,dige = CSUIT[who].split("_")
if(modo == 'CFB'):
mode = modes.CFB(iv)
elif(modo == 'CTR'):
mode = modes.CTR(iv)
elif(modo == 'OFB'):
mode = modes.OFB(iv)
if(alg == 'AES'):
algorithm = algorithms.AES(key)
elif(alg == 'SEED'):
algorithm = algorithms.SEED(key)
elif(alg == 'CAST5'):
algorithm = algorithms.CAST5(key)
elif(alg == 'TripleDES'):
algorithm = algorithms.TripleDES(key)
elif(alg == 'Camellia'):
algorithm = algorithms.Camellia(key)
cifra = Cipher(algorithm,mode)
return cifra
def get_cipher(self):
if self.method.startswith('aes'):
return Cipher(algorithms.AES(self.key), modes.CFB(self.iv),
default_backend())
if self.method.startswith('bf'):
return Cipher(algorithms.Blowfish(self.key), modes.CFB(self.iv),
default_backend())
if self.method.startswith('camellia'):
return Cipher(algorithms.Camellia(self.key), modes.CFB(self.iv),
default_backend())
if self.method.startswith('cast5'):
return Cipher(algorithms.CAST5(self.key), modes.CFB(self.iv),
default_backend())
if self.method.startswith('seed'):
return Cipher(algorithms.SEED(self.key), modes.CFB(self.iv),
default_backend())
if self.method.startswith('idea'):
return Cipher(algorithms.IDEA(self.key), modes.CFB(self.iv),
default_backend())
if self.method.startswith('rc4'):
return Cipher(algorithms.ARC4(self.key), None, default_backend())
raise ValueError('crypto method %s not supported!' % self.method)
def choicesS(algo):
if (algo == 1): return algorithms.AES(key) #block size == 128 bits
elif (algo == 2): return algorithms.TripleDES(key) #64 bits
elif (algo == 3): return algorithms.Camellia(key) #128 bits
elif (algo == 4): return algorithms.CAST5(key) #64 bits
elif (algo == 5): return algorithms.SEED(key) #128 bits
# -*- coding: utf-8 -*-
"""
Created on Tue Sep 13 00:49:12 2016
@author: Nevil Dsouza
"""
import os
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
backend = default_backend()
key = os.urandom(16)
iv = os.urandom(16)
cipher = Cipher(algorithms.SEED(key), modes.CBC(iv), backend=backend)
encryptor = cipher.encryptor()
ct = encryptor.update(b"45") + encryptor.finalize()
print(str(ct.decode("utf-16")))
decryptor = cipher.decryptor()
pt = decryptor.update(ct) + decryptor.finalize()
print(pt)
import binascii
import os
import pytest
from cryptography.hazmat.backends.interfaces import CipherBackend
from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test
from ...utils import load_nist_vectors
@pytest.mark.supported(
only_if=lambda backend: backend.cipher_supported(
algorithms.SEED(b"\x00" * 16), modes.ECB()
),
skip_message="Does not support SEED ECB",
)
@pytest.mark.requires_backend_interface(interface=CipherBackend)
class TestSEEDModeECB(object):
test_ECB = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "SEED"),
["rfc-4269.txt"],
lambda key, **kwargs: algorithms.SEED(binascii.unhexlify((key))),
lambda **kwargs: modes.ECB(),
)
@pytest.mark.supported(
def tests(device_details, encryption_function):
# initialize row for database entry
new_row = {
"device": device_details,
"algo": None,
"start_time": None,
"end_time": None,
"total_time": None,
"sensor_data": "b'a secret message'",
"cypher_text": None,
"test_number": None
}
# convert the dictionary into a proper JSON object
# device_data = json.dumps(device_details, indent=4, sort_keys=False)
# generate keys
backend = default_backend()
salt = os.urandom(16)
# AES key derivation function and key
aes_kdf = PBKDF2HMAC(algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=100000,
backend=backend)
aes_key = aes_kdf.derive(b"password")
# 3DES key derivation fucntion and key
des3_kdf = PBKDF2HMAC(algorithm=hashes.SHA256(),
length=24,
salt=salt,
iterations=100000,
backend=backend)
des3_key = des3_kdf.derive(b"password")
# SEED key derivation fucntion and key
seed_kdf = PBKDF2HMAC(algorithm=hashes.SHA256(),
length=16,
salt=salt,
iterations=100000,
backend=backend)
seed_key = seed_kdf.derive(b"password")
# cycle through three encryption algorithms (AES, 3DES, and SEED)
algos = {
"AES_CBC": {
'algo': algorithms.AES(aes_key),
'mode': modes.CBC(os.urandom(16))
},
"AES_ECB": {
'algo': algorithms.AES(aes_key),
'mode': modes.ECB()
},
"AES_CFB": {
'algo': algorithms.AES(aes_key),
'mode': modes.CFB(os.urandom(16))
},
"AES_CTR": {
'algo': algorithms.AES(aes_key),
'mode': modes.CTR(os.urandom(16))
},
"AES_OFB": {
'algo': algorithms.AES(aes_key),
'mode': modes.OFB(os.urandom(16))
},
"3DES": {
'algo': algorithms.TripleDES(des3_key),
'mode': modes.CBC(os.urandom(8))
},
"SEED": {
'algo': algorithms.SEED(seed_key),
'mode': modes.CBC(os.urandom(16))
}
}
print("Device OS, OS Release, Processor, Algorithm, Average")
for selected_algo in algos:
# go through each algorithm and run the test for each one 10x
times_to_repeat = 10000
i = 0
new_row['algo'] = selected_algo
total_run_time = 0
while times_to_repeat >= i:
# choose an algorithm for the test
algorithm_with_key = algos[selected_algo]
# record start time
new_row['start_time'] = int(round(time.time() * 10000000))
# encrypt the data
new_row['cypher_text'] = encryption_function(algorithm_with_key)
# connect to database
# record end time
new_row['end_time'] = int(round(time.time() * 10000000))
# subtract end from start time
new_row['total_time'] = (new_row['end_time'] -
new_row['start_time'])
# record test number
new_row['test_number'] = i
# decrement counter
i += 1
total_run_time += new_row['total_time']
# print result
#print("----\n%s algorithm on attempt %d took %d"%(selected_algo, i, new_row['total_time']))
#print("RAW ROW DATA %s ATTEMPT %d: %s"%(selected_algo,i,new_row))
print(
"%s, %s, %s, %s, %s" %
(device_details()['os']['name'], device_details()['os']['release'],
device_details()['processor'], selected_algo,
str(total_run_time / (times_to_repeat + 1))))
###############
#process_telemetry(device_profile())
from __future__ import absolute_import, division, print_function
import binascii
import os
import pytest
from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test
from ...utils import load_nist_vectors
@pytest.mark.supported(
only_if=lambda backend: backend.cipher_supported(
algorithms.SEED("\x00" * 16), modes.ECB()),
skip_message="Does not support SEED ECB",
)
@pytest.mark.cipher
class TestSEEDModeECB(object):
test_ECB = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "SEED"),
["rfc-4269.txt"],
lambda key, **kwargs: algorithms.SEED(binascii.unhexlify((key))),
lambda **kwargs: modes.ECB(),
)
@pytest.mark.supported(
only_if=lambda backend: backend.cipher_supported(
