def calc_keys(self):
"""Calculate sessions keys for encryption and hmac. Is based on pprime, b1b2, b3b4"""
twofish = Twofish.new(key=self.pprime, mode=Twofish.MODE_ECB)
self.enckey = twofish.decrypt(self.b1b2)
self.hshkey = twofish.decrypt(self.b3b4)
log.debug("Encryption key K: %s " % repr(self.enckey))
log.debug("HMAC Key L: %s " % repr(self.hshkey))
def decrypt_data(self):
"""Decrypt encrypted portion of header and data"""
log.debug("Creating Twofish object and adding key & iv")
twofish = Twofish.new(key=self.enckey,
mode=Twofish.MODE_CBC,
IV=self.iv)
log.debug("Decrypting data")
self.fulldata = twofish.decrypt(self.cryptdata)
def _get_encryption_object(self, key):
if self.type == "aes":
return AES.new(key, AES.MODE_ECB)
elif self.type == "serpent":
return Serpent.new(key, Serpent.MODE_ECB)
elif self.type == "twofish":
return TwoFish.new(key, TwoFish.MODE_ECB)
else:
return False
def _regen_b3b4(self):
"""Regenerate b3 and b4. This is the encrypted form of L.
"""
#tw = MCRYPT('twofish', 'ecb')
#tw.init(self.pprime)
#T = TwofishOld(self.pprime)
twofish = Twofish.new(key=self.pprime, mode=Twofish.MODE_ECB)
self.b3b4 = twofish.encrypt(self.hshkey)
log.debug("B3/B4 set to %s" % repr(self.b3b4))
def _get_encryption_object(self,key): if self.type == "aes": return AES.new(key, AES.MODE_ECB) elif self.type == "serpent": return Serpent.new(key, Serpent.MODE_ECB) elif self.type == "twofish": return TwoFish.new(key, TwoFish.MODE_ECB) else: return False
def _regen_b1b2(self):
"""Regenerate b1 and b2. This is the encrypted form of K.
"""
#tw = MCRYPT('twofish', 'ecb')
#tw.init(self.pprime)
#T = TwofishOld(self.pprime)
twofish = Twofish.new(key=self.pprime, mode=Twofish.MODE_ECB)
self.b1b2 = twofish.encrypt(self.enckey)
log.debug("B1/B2 set to %s" % repr(self.b1b2))
n = dict_xts_aes['n%i'%i].decode('hex')
cipher = python_AES.new(key,python_AES.MODE_XTS)
if cip <> cipher.encrypt(msg,n):
print 'ERROR! for XTS on %i'%i
print 'got %s \n expected %s'%(cipher.encrypt(msg,n).encode('hex'),cip.encode('hex'))
decipher = python_AES.new(key,python_AES.MODE_XTS)
if msg <> cipher.decrypt(cip,n):
print 'ERROR! for XTS (decrypt) on %i'%i
print 'got %s \n expected %s'%(decipher.decrypt(cip,n).encode('hex'),msg.encode('hex'))
# TWOFISH
print "Twofish"
from CryptoPlus.Cipher import python_Twofish
from CryptoPlus.testvectors import dict_twofish_ecb_vt_k128, dict_twofish_ecb_vt_k192, dict_twofish_ecb_vt_k256
from CryptoPlus.testvectors import dict_twofish_ecb_vk_k128, dict_twofish_ecb_vk_k192, dict_twofish_ecb_vk_k256
for d in dict_twofish_ecb_vt_k128, dict_twofish_ecb_vt_k192, dict_twofish_ecb_vt_k256,dict_twofish_ecb_vk_k128:
for i in range(0,len(d)/3):
msg = d['msg%i'%i].decode('hex')
key = d['key%i'%i].decode('hex')
cip = d['cip%i'%i].decode('hex')
cipher = python_Twofish.new(key,python_Twofish.MODE_ECB)
if cip <> cipher.encrypt(msg,n):
print 'ERROR! for Twofish on %i'%i
print 'got %s \n expected %s'%(cipher.encrypt(msg,n).encode('hex'),cip.encode('hex'))
decipher = python_Twofish.new(key,python_AES.MODE_ECB)
if msg <> cipher.decrypt(cip,n):
print 'DECRYPTION ERROR! for Twofish (decrypt) on %i'%i
print 'got %s \n expected %s'%(decipher.decrypt(cip,n).encode('hex'),msg.encode('hex'))
def encrypt_data(self):
"""Encrypted fulldata to cryptdata"""
twofish = Twofish.new(key=self.enckey,
mode=Twofish.MODE_CBC,
IV=self.iv)
self.cryptdata = twofish.encrypt(self.fulldata)
n = codecs.decode(dict_xts_aes['n%i'%i], 'hex')
cipher = python_AES.new(key,python_AES.MODE_XTS)
if cip != cipher.encrypt(msg,n):
print('ERROR! for XTS on %i'%i)
print('got %s \n expected %s'%(cipher.encrypt(msg,n).encode('hex'),cip.encode('hex')))
decipher = python_AES.new(key,python_AES.MODE_XTS)
if msg != cipher.decrypt(cip,n):
print('ERROR! for XTS (decrypt) on %i'%i)
print('got %s \n expected %s'%(decipher.decrypt(cip,n).encode('hex'),msg.encode('hex')))
# TWOFISH
print("Twofish")
from CryptoPlus.Cipher import python_Twofish
from CryptoPlus.testvectors import dict_twofish_ecb_vt_k128, dict_twofish_ecb_vt_k192, dict_twofish_ecb_vt_k256
from CryptoPlus.testvectors import dict_twofish_ecb_vk_k128, dict_twofish_ecb_vk_k192, dict_twofish_ecb_vk_k256
for d in dict_twofish_ecb_vt_k128, dict_twofish_ecb_vt_k192, dict_twofish_ecb_vt_k256,dict_twofish_ecb_vk_k128:
for i in range(0,len(d)//3):
msg = codecs.decode(d['msg%i'%i], 'hex')
key = codecs.decode(d['key%i'%i], 'hex')
cip = codecs.decode(d['cip%i'%i], 'hex')
cipher = python_Twofish.new(key,python_Twofish.MODE_ECB)
if cip != cipher.encrypt(msg,n):
print('ERROR! for Twofish on %i'%i)
print('got %s \n expected %s'%(cipher.encrypt(msg,n).encode('hex'),cip.encode('hex')))
decipher = python_Twofish.new(key,python_AES.MODE_ECB)
if msg != cipher.decrypt(cip,n):
print('DECRYPTION ERROR! for Twofish (decrypt) on %i'%i)
print('got %s \n expected %s'%(decipher.decrypt(cip,n).encode('hex'),msg.encode('hex')))
def twofish_cbc_encrypt(data, key, enc_iv):
"""Encrypt and return `data` with Twofish CBC."""
cipher = python_Twofish.new(key, python_Twofish.MODE_CBC, enc_iv)
return cipher.encrypt(data)