4 from struct
import pack
5 from itertools
import izip
10 ###--------------------------------------------------------------------------
17 yield [things
[i
] for i
in ii
]
19 if j
== k
- 1: lim
= n
32 try: return POLYMAP
[nbits
]
34 base
= C
.GF(0).setbit(nbits
).setbit(0)
35 for k
in xrange(1, nbits
, 2):
36 for cc
in combs(range(1, nbits
), k
):
37 p
= base
+ sum(C
.GF(0).setbit(c
) for c
in cc
)
38 if p
.irreduciblep(): POLYMAP
[nbits
] = p
; return p
39 raise ValueError, nbits
42 return C
.ByteString
.zero(n
)
44 def mul_blk_gf(m
, x
, p
): return ((C
.GF
.loadb(m
)*x
)%p
).storeb((p
.nbits
+ 6)/8)
49 except StopIteration: raise ValueError, 'empty iter'
54 except StopIteration: lastp
= True
58 if len(x
): return hex(x
)
63 if isinstance(ksz
, C
.KeySZSet
): kk
= ksz
.set
64 elif isinstance(ksz
, C
.KeySZRange
): kk
= range(ksz
.min, ksz
.max, ksz
.mod
)
65 elif isinstance(ksz
, C
.KeySZAny
): kk
= range(64); sel
= [0]
66 kk
= list(kk
); kk
= kk
[:]
68 while n
and len(sel
) < 4:
71 kk
[i
], kk
[n
] = kk
[n
], kk
[i
]
80 return C
.ByteString(m
)
84 if r
: m
+= '\x80' + Z(r
- 1)
85 return C
.ByteString(m
)
89 while (i
&1) == 0: i
>>= 1; j
+= 1
93 v
, i
, n
= [], 0, len(x
)
95 v
.append(C
.ByteString(x
[i
:i
+ w
]))
97 return v
, C
.ByteString(x
[i
:])
103 if len(tl
) == w
: v
.append(tl
); tl
= EMPTY
108 ###--------------------------------------------------------------------------
111 class RC6Cipher (type):
112 def __new__(cls
, w
, r
):
113 name
= 'rc6-%d/%d' %
(w
, r
)
114 me
= type(name
, (RC6Base
,), {})
119 me
.keysz
= C
.KeySZRange(me
.blksz
, 1, 255, 1)
123 return w
.bit_length() - 1
126 m0
, m1
= C
.MP(0).setbit(w
- n
) - 1, C
.MP(0).setbit(n
) - 1
127 return ((x
&m0
) << n
) |
(x
>> (w
- n
))&m1
130 m0
, m1
= C
.MP(0).setbit(n
) - 1, C
.MP(0).setbit(w
- n
) - 1
131 return ((x
&m0
) << (w
- n
)) |
(x
>> n
)&m1
133 class RC6Base (object):
136 P400
= C
.MP(0xb7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfef324e7738926cfbe5f4bf8d8d8c31d763da06)
137 Q400
= C
.MP(0x9e3779b97f4a7c15f39cc0605cedc8341082276bf3a27251f86c6a11d0c18e952767f0b153d27b7f0347045b5bf1827f0188)
141 ## Build the magic numbers.
142 P
= me
.P400
>> (400 - me
.w
)
144 Q
= me
.Q400
>> (400 - me
.w
)
146 M
= C
.MP(0).setbit(me
.w
) - 1
148 ## Convert the key into words.
150 c
= (len(k
) + wb
- 1)/wb
151 kb
, ktl
= blocks(k
, me
.w
/8)
152 L
= map(C
.MP
.loadl
, kb
+ [ktl
])
155 ## Build the subkey table.
158 S
= [(P
+ i
*Q
)&M
for i
in xrange(n
)]
160 ##for j in xrange(c):
161 ## print 'L[%3d] = %s' % (j, hex(L[j]).upper()[2:].rjust(2*wb, '0'))
162 ##for i in xrange(n):
163 ## print 'S[%3d] = %s' % (i, hex(S[i]).upper()[2:].rjust(2*wb, '0'))
168 for s
in xrange(3*max(c
, n
)):
169 A
= S
[i
] = rol(me
.w
, S
[i
] + A
+ B
, 3)
170 B
= L
[j
] = rol(me
.w
, L
[j
] + A
+ B
, (A
+ B
)%(1 << me
.d
))
171 ##print 'S[%3d] = %s' % (i, hex(S[i]).upper()[2:].rjust(2*wb, '0'))
172 ##print 'L[%3d] = %s' % (j, hex(L[j]).upper()[2:].rjust(2*wb, '0'))
180 M
= C
.MP(0).setbit(me
.w
) - 1
181 a
, b
, c
, d
= map(C
.MP
.loadl
, blocks0(x
, me
.blksz
/4)[0])
184 ##print 'B = %s' % (hex(b).upper()[2:].rjust(me.w/4, '0'))
185 ##print 'D = %s' % (hex(d).upper()[2:].rjust(me.w/4, '0'))
186 for i
in xrange(2, 2*me
.r
+ 2, 2):
187 t
= rol(me
.w
, 2*b
*b
+ b
, me
.d
)
188 u
= rol(me
.w
, 2*d
*d
+ d
, me
.d
)
189 a
= (rol(me
.w
, a ^ t
, u
%(1 << me
.d
)) + me
.s
[i
+ 0])&M
190 c
= (rol(me
.w
, c ^ u
, t
%(1 << me
.d
)) + me
.s
[i
+ 1])&M
191 ##print 'A = %s' % (hex(a).upper()[2:].rjust(me.w/4, '0'))
192 ##print 'C = %s' % (hex(c).upper()[2:].rjust(me.w/4, '0'))
193 a
, b
, c
, d
= b
, c
, d
, a
194 a
= (a
+ me
.s
[2*me
.r
+ 2])&M
195 c
= (c
+ me
.s
[2*me
.r
+ 3])&M
196 ##print 'A = %s' % (hex(a).upper()[2:].rjust(me.w/4, '0'))
197 ##print 'C = %s' % (hex(c).upper()[2:].rjust(me.w/4, '0'))
198 return C
.ByteString(a
.storel(me
.blksz
/4) + b
.storel(me
.blksz
/4) +
199 c
.storel(me
.blksz
/4) + d
.storel(me
.blksz
/4))
202 M
= C
.MP(0).setbit(me
.w
) - 1
203 a
, b
, c
, d
= map(C
.MP
.loadl
, blocks0(x
, me
.blksz
/4))
204 c
= (c
- me
.s
[2*me
.r
+ 3])&M
205 a
= (a
- me
.s
[2*me
.r
+ 2])&M
206 for i
in xrange(2*me
.r
+ 1, 1, -2):
207 a
, b
, c
, d
= d
, a
, b
, c
208 u
= rol(me
.w
, 2*d
*d
+ d
, me
.d
)
209 t
= rol(me
.w
, 2*b
*b
+ b
, me
.d
)
210 c
= ror(me
.w
, (c
- me
.s
[i
+ 1])&M
, t
%(1 << me
.d
)) ^ u
211 a
= ror(me
.w
, (a
- me
.s
[i
+ 0])&M
, u
%(1 << me
.d
)) ^ t
212 a
= (a
+ s
[2*me
.r
+ 2])&M
213 c
= (c
+ s
[2*me
.r
+ 3])&M
214 return C
.ByteString(a
.storel(me
.blksz
/4) + b
.storel(me
.blksz
/4) +
215 c
.storel(me
.blksz
/4) + d
.storel(me
.blksz
/4))
217 for (w
, r
) in [(8, 16), (16, 16), (24, 16), (32, 16),
218 (32, 20), (48, 16), (64, 16), (96, 16), (128, 16),
219 (192, 16), (256, 16), (400, 16)]:
220 CUSTOM
['rc6-%d/%d' %
(w
, r
)] = RC6Cipher(w
, r
)
222 ###--------------------------------------------------------------------------
226 blksz
= E
.__class__
.blksz
230 m0
= mul_blk_gf(L
, 2, p
)
231 m1
= mul_blk_gf(m0
, 2, p
)
235 blksz
= E
.__class__
.blksz
236 m0
, m1
= omac_masks(E
)
237 print 'L = %s' %
hex(E
.encrypt(Z(blksz
)))
238 print 'm0 = %s' %
hex(m0
)
239 print 'm1 = %s' %
hex(m1
)
241 print 'v%d = %s' %
(t
, hex(E
.encrypt(C
.MP(t
).storeb(blksz
))))
242 print 'z%d = %s' %
(t
, hex(omac(E
, t
, '')))
245 blksz
= E
.__class__
.blksz
246 m0
, m1
= omac_masks(E
)
248 if t
is not None: m
= C
.MP(t
).storeb(blksz
) + m
249 v
, tl
= blocks(m
, blksz
)
250 for x
in v
: a
= E
.encrypt(a ^ x
)
253 a
= E
.encrypt(a ^ tl ^ m0
)
255 pad
= pad10star(tl
, blksz
)
256 a
= E
.encrypt(a ^ pad ^ m1
)
260 if VERBOSE
: dump_omac(E
)
261 return omac(E
, None, m
),
268 ###--------------------------------------------------------------------------
271 class struct (object):
272 def __init__(me
, **kw
):
273 me
.__dict__
.update(kw
)
275 binarg
= struct(mk
= R
.block
, parse
= C
.bytes
, show
= safehex
)
276 intarg
= struct(mk
= lambda x
: x
, parse
= int, show
= None)
278 MODEMAP
= { 'cmac': (cmacgen
, [binarg
], cmac
) }
282 for d
in CUSTOM
, C
.gcprps
:
284 except KeyError: pass
286 if bc
is None: raise KeyError, argv
[2]
289 gen
, argty
, func
= MODEMAP
[mode
]
290 print '%s-%s {' %
(bc
.name
, mode
)
291 for ksz
in keylens(bc
.keysz
):
292 for argvals
in gen(bc
):
294 args
= [t
.mk(a
) for t
, a
in izip(argty
, argvals
)]
295 rets
= func(bc(k
), *args
)
296 print ' %s' % safehex
(k
)
297 for t
, a
in izip(argty
, args
):
298 if t
.show
: print ' %s' % t
.show(a
)
299 for r
, lastp
in with_lastp(rets
):
300 print ' %s%s' %
(safehex(r
), lastp
and ';' or '')
305 gen
, argty
, func
= MODEMAP
[mode
]
306 args
= [t
.parse(a
) for t
, a
in izip(argty
, argv
[4:])]
307 rets
= func(bc(k
), *args
)
308 for r
in rets
: print hex(r
)
310 ###----- That's all, folks --------------------------------------------------