From 6bb0c4369ec43c6c3a83e58c1906f4c1f0d3a0dd Mon Sep 17 00:00:00 2001 From: Kévin Le Gouguec Date: Thu, 14 Mar 2019 15:42:29 +0100 Subject: [implem-python] Retrait de A_BITS/M_BITS (1/2) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit En passant : - remplacement de paramètres 0/1 par des booléens/des enums (pour TweakMessage en particulier, ça simplifie pas mal la logique) - construction de M (resp. C pour le déchiffrement) au fur et à mesure, i.e. avec des listes vides, plutôt qu'en pré-allouant des tableaux potentiellement trop gros en cas de padding --- python/constants.py | 3 +- python/lilliput_ae_1.py | 119 ++++++++++++++++++++++-------------------------- 2 files changed, 57 insertions(+), 65 deletions(-) diff --git a/python/constants.py b/python/constants.py index e8d8d03..764febb 100644 --- a/python/constants.py +++ b/python/constants.py @@ -1,4 +1,5 @@ -BLOCK_BYTES = 16 +BLOCK_BITS = 128 +BLOCK_BYTES = BLOCK_BITS//8 NONCE_BYTES = 15 diff --git a/python/lilliput_ae_1.py b/python/lilliput_ae_1.py index 4d2d2dc..6ab0cc3 100644 --- a/python/lilliput_ae_1.py +++ b/python/lilliput_ae_1.py @@ -3,25 +3,21 @@ """ import lilliput_tbc as ltbc -from constants import NONCE_BYTES +from constants import BLOCK_BITS, BLOCK_BYTES, NONCE_BYTES +from enum import Enum from helpers import ArrayToBlockbytesMatrix, BlockbytesMatrixToBytes -BLOCK_BITS = 128 KEY_BITS = 128 TWEAK_BITS = 192 TWEAKEY_BITS = KEY_BITS + TWEAK_BITS LANE_BITS = 64 LANES = int((TWEAKEY_BITS) / LANE_BITS) -BLOCK_BYTES = int(BLOCK_BITS / 8) KEY_BYTES = int(KEY_BITS / 8) TWEAK_BYTES = int(TWEAK_BITS / 8) TWEAKEY_BYTES = int(TWEAKEY_BITS / 8) -A_BITS = BLOCK_BITS -M_BITS = BLOCK_BITS - def InitParameters(key_bits) : global KEY_BITS 
@@ -83,7 +79,7 @@ def LowPart(array, number_bits) : ############################################################################### -def TweakAssociatedData(i, padded = 0) : +def TweakAssociatedData(i, padded) : tweak = [0 for byte in range(0, TWEAK_BYTES)] mask = 0xff @@ -93,7 +89,7 @@ def TweakAssociatedData(i, padded = 0) : mask = (0xf << (8 * (TWEAK_BYTES - 1))) tweak[TWEAK_BYTES - 1] = (i & mask) >> ((TWEAK_BYTES - 1) * 8) - if padded == 0 : + if not padded: tweak[TWEAK_BYTES - 1] |= 0x20 else : tweak[TWEAK_BYTES - 1] |= 0x60 @@ -102,22 +98,22 @@ def TweakAssociatedData(i, padded = 0) : def BuildAuth(A, key) : Auth = [0 for byte in range(0, BLOCK_BYTES)] - l_a = int(A_BITS / BLOCK_BITS) - if int(A_BITS % BLOCK_BITS) > 0 : - will_padd = 1 - else : - will_padd = 0 + l_a = len(A)//BLOCK_BYTES + + padding_bytes = len(A)%BLOCK_BYTES + + A = ArrayToBlockbytesMatrix(A) for i in range(0, l_a) : - tweak = TweakAssociatedData(i, padded = 0) + tweak = TweakAssociatedData(i, padded=False) enc = ltbc.LilliputTBCEnc(tweak, key, A[i]) Auth = XorState(Auth, enc) - if (A_BITS % BLOCK_BITS) == 0 : + if padding_bytes == 0: return Auth - tweak = TweakAssociatedData(l_a, padded = 1) - ad_padded = Padding10LSB(A[l_a], (A_BITS % BLOCK_BITS)) + tweak = TweakAssociatedData(l_a, padded=True) + ad_padded = Padding10LSB(A[l_a], padding_bytes*8) enc = ltbc.LilliputTBCEnc(tweak, key, ad_padded) Auth = XorState(Auth, enc) @@ -125,7 +121,14 @@ def BuildAuth(A, key) : ################################################################################ -def TweakMessage(N, j, null = 0, padded = 0, final_padded = 0) : +class _MessageTweak(Enum): + BLOCK = 0b000 + NO_PADDING = 0b0001 + PAD = 0b0100 + FINAL = 0b0101 + + +def TweakMessage(N, j, padding): tweak = [0 for byte in range(0, TWEAK_BYTES)] for byte in range(NONCE_BYTES-1, -1, -1) : tweak[byte + (TWEAK_BYTES-NONCE_BYTES)] |= (N[byte] & 0xf0) >> 4 
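Review bot: In BuildAuth, `A = ArrayToBlockbytesMatrix(A)` rebinds the parameter from a flat byte sequence to a block matrix right after `len(A)` was used for `l_a` and `padding_bytes`, so the block count is correct only because of statement order. Binding the matrix to its own name, e.g. `blocks = ArrayToBlockbytesMatrix(A)` and then indexing `blocks[i]` / `blocks[l_a]`, keeps the byte length and the block list apart; if the two were ever confused, fewer associated-data blocks than supplied could end up authenticated without any error. TreatMessageEnc (`M`) and TreatMessageDec (`C`) in the later hunks follow the same pattern. The function now also assumes callers pass unsplit bytes, which a one-line docstring such as `"""A: flat sequence of associated-data bytes, not yet split into blocks."""` would make explicit.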
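Review bot: TweakMessage reads exactly `N[0]` to `N[NONCE_BYTES-1]` in the nonce loop and never checks `len(N)`, so as far as the visible lines show a longer nonce is silently truncated, and two nonces that differ only after the first NONCE_BYTES bytes would yield identical tweaks. Since the signature is being tightened here anyway, a guard such as `if len(N) != NONCE_BYTES: raise ValueError("nonce must be NONCE_BYTES bytes long")` at the top of the function would make that failure explicit; it could equally live in OCB3Enc/OCB3Dec, whose bodies are mostly outside this diff. Separately, `BLOCK = 0b000` is written with three digits while the other members use four; `0b0000` would show that all four are 4-bit prefixes. The body of TweakMessage continues past the end of this hunk.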
@@ -135,44 +138,38 @@ def TweakMessage(N, j, null = 0, padded = 0, final_padded = 0) : for byte in range(TWEAK_BYTES-NONCE_BYTES-2, -1, -1) : tweak[byte] = (j >> (8 * byte)) & 0xff - if null == 1 : - tweak[TWEAK_BYTES - 1] |= 0x10 - if padded == 1 : - tweak[TWEAK_BYTES - 1] |= 0x40 - if final_padded == 1 : - tweak[TWEAK_BYTES - 1] |= 0x50 + tweak[-1] |= padding.value<<4 return tweak -def TreatMessageEnc(M, N, key) : +def TreatMessageEnc(M, N, key): checksum = [0 for byte in range(0, BLOCK_BYTES)] - l = int(M_BITS / BLOCK_BITS) - if int(M_BITS % BLOCK_BITS) > 0 : - will_padd = 1 - else : - will_padd = 0 + l = len(M)//BLOCK_BYTES + padding_bytes = len(M)%BLOCK_BYTES - C = [[0 for byte in range(0, BLOCK_BYTES)] for j in range(0, l + will_padd)] + M = ArrayToBlockbytesMatrix(M) + C = [] - for j in range(0, l) : + for j in range(0, l): checksum = XorState(checksum, M[j]) - tweak = TweakMessage(N, j, padded = 0) - C[j] = ltbc.LilliputTBCEnc(tweak, key, M[j]) + tweak = TweakMessage(N, j, _MessageTweak.BLOCK) + C.append(ltbc.LilliputTBCEnc(tweak, key, M[j])) - if will_padd == 0 : - tweak = TweakMessage(N, l, null = 1) + if padding_bytes == 0: + tweak = TweakMessage(N, l, _MessageTweak.NO_PADDING) Final = ltbc.LilliputTBCEnc(tweak, key, checksum) - else : - m_padded = Padding10LSB(M[l], M_BITS % BLOCK_BITS) + else: + m_padded = Padding10LSB(M[l], padding_bytes*8) checksum = XorState(checksum, m_padded) - tweak = TweakMessage(N, l, padded = 1) + tweak = TweakMessage(N, l, _MessageTweak.PAD) pad = ltbc.LilliputTBCEnc(tweak, key, [0 for byte in range(0, BLOCK_BYTES)]) - lower_part = LowPart(pad, M_BITS % BLOCK_BITS) - C[l] = XorState(M[l], lower_part) - tweak_final = TweakMessage(N, l+1, final_padded = 1) + + lower_part = LowPart(pad, padding_bytes*8) + C.append(XorState(M[l], lower_part)) + tweak_final = TweakMessage(N, l+1, _MessageTweak.FINAL) Final = ltbc.LilliputTBCEnc(tweak_final, key, checksum) return (Final, C) 
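Review bot: The line `tweak[-1] |= padding.value<<4` in TweakMessage carries no comment saying that the high nibble of the last tweak byte is the domain-separation prefix, which was at least readable from the three named flags it replaces. The resulting values 0x00/0x10/0x40/0x50 have to stay disjoint from the 0x20/0x60 that TweakAssociatedData ORs into the same byte, otherwise a message tweak could coincide with an associated-data tweak under the same key. I would add a comment on that line, e.g. `# high nibble = 4-bit domain prefix; must not collide with the AD prefixes 0x2/0x6 in TweakAssociatedData`. TweakMessage starts before this hunk.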
@@ -181,32 +178,30 @@ def TreatMessageEnc(M, N, key) : def TreatMessageDec(C, N, key) : checksum = [0 for byte in range(0, BLOCK_BYTES)] - l = int(M_BITS / BLOCK_BITS) - if int(M_BITS % BLOCK_BITS) > 0 : - will_padd = 1 - else : - will_padd = 0 + l = len(C)//BLOCK_BYTES + padding_bytes = len(C)%BLOCK_BYTES - M = [[0 for byte in range(0, BLOCK_BYTES)] for j in range(0, l + will_padd)] + C = ArrayToBlockbytesMatrix(C) + M = [] - for j in range(0, l) : - tweak = TweakMessage(N, j, padded = 0) - M[j] = ltbc.LilliputTBCDec(tweak, key, C[j]) + for j in range(0, l): + tweak = TweakMessage(N, j, _MessageTweak.BLOCK) + M.append(ltbc.LilliputTBCDec(tweak, key, C[j])) checksum = XorState(checksum, M[j]) - - if will_padd == 0 : - tweak = TweakMessage(N, l, null = 1) + if padding_bytes == 0: + tweak = TweakMessage(N, l, _MessageTweak.NO_PADDING) Final = ltbc.LilliputTBCEnc(tweak, key, checksum) - else : - tweak = TweakMessage(N, l, padded = 1) + else: + tweak = TweakMessage(N, l, _MessageTweak.PAD) pad = ltbc.LilliputTBCEnc(tweak, key, [0 for byte in range(0, BLOCK_BYTES)]) - lower_part = LowPart(pad, M_BITS % BLOCK_BITS) - M[l] = XorState(C[l], lower_part) - m_padded = Padding10LSB(M[l], M_BITS % BLOCK_BITS) + lower_part = LowPart(pad, padding_bytes*8) + M.append(XorState(C[l], lower_part)) + + m_padded = Padding10LSB(M[l], padding_bytes*8) checksum = XorState(checksum, m_padded) - tweak_final = TweakMessage(N, l+1, final_padded = 1) + tweak_final = TweakMessage(N, l+1, _MessageTweak.FINAL) Final = ltbc.LilliputTBCEnc(tweak_final, key, checksum) return (Final, M) @@ -223,8 +218,6 @@ def OCB3Enc(A, M, N, key) : A_BITS = len(A)*8 M_BITS = len(M)*8 - A = ArrayToBlockbytesMatrix(A) - M = ArrayToBlockbytesMatrix(M) K = list(key) Auth = BuildAuth(A, K) @@ -243,8 +236,6 @@ def OCB3Dec(A, C, N, tag, key) : A_BITS = len(A)*8 M_BITS = len(C)*8 - A = ArrayToBlockbytesMatrix(A) - C = ArrayToBlockbytesMatrix(C) K = list(key) Auth = BuildAuth(A, K) -- cgit v1.2.3
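Review bot: TreatMessageDec returns `(Final, M)` with `M` fully decrypted before anything has compared the recomputed tag, and the function has no docstring saying so. The comparison presumably happens in OCB3Dec, outside this diff. A docstring here should state that `M` is unauthenticated until the caller has checked `Final`, combined with the BuildAuth result, against the received tag, and that `M` must be discarded on mismatch. If that comparison in OCB3Dec turns out to be a plain `==` on lists, `hmac.compare_digest(bytes(expected), bytes(tag))` would avoid leaking the position of the first differing byte; this is worth confirming since it is not visible here.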