# coding: utf-8
# PyGOST -- Pure Python GOST cryptographic functions library
-# Copyright (C) 2015-2017 Sergey Matveev <stargrave@stargrave.org>
+# Copyright (C) 2015-2019 Sergey Matveev <stargrave@stargrave.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
from pygost.gost3413 import pad2
from pygost.gost3413 import pad_size
+from pygost.gost3413 import unpad2
from pygost.utils import hexdec
from pygost.utils import strxor
from pygost.utils import xrange # pylint: disable=redefined-builtin
(13, 14, 4, 1, 7, 0, 5, 10, 3, 12, 8, 15, 6, 2, 9, 11),
(1, 3, 10, 9, 5, 11, 4, 15, 8, 6, 7, 14, 13, 0, 2, 12),
),
- "AppliedCryptography": (
- (4, 10, 9, 2, 13, 8, 0, 14, 6, 11, 1, 12, 7, 15, 5, 3),
- (14, 11, 4, 12, 6, 13, 15, 10, 2, 3, 8, 1, 0, 7, 5, 9),
- (5, 8, 1, 13, 10, 3, 4, 2, 14, 15, 12, 7, 6, 0, 9, 11),
- (7, 13, 10, 1, 0, 8, 9, 15, 14, 4, 6, 12, 11, 2, 5, 3),
- (6, 12, 7, 1, 5, 15, 13, 8, 4, 10, 9, 14, 0, 3, 11, 2),
- (4, 11, 10, 0, 7, 2, 1, 13, 3, 6, 8, 5, 9, 12, 15, 14),
- (13, 11, 4, 1, 3, 15, 5, 9, 0, 10, 14, 7, 6, 8, 2, 12),
- (1, 15, 13, 0, 5, 7, 10, 4, 9, 2, 3, 14, 6, 11, 8, 12),
- ),
"Gost28147_tc26_ParamZ": (
(12, 4, 6, 2, 10, 5, 11, 9, 14, 8, 13, 7, 0, 3, 15, 1),
(6, 8, 2, 3, 9, 10, 5, 12, 1, 14, 4, 7, 11, 13, 0, 15),
(7, 14, 12, 13, 9, 4, 8, 15, 10, 2, 6, 0, 3, 11, 5, 1),
),
}
+SBOXES["AppliedCryptography"] = SBOXES["GostR3411_94_TestParamSet"]
def _K(s, _in):
ecb_decrypt = partial(ecb, action=decrypt)
-def cbc_encrypt(key, data, iv=8 * b"\x00", pad=True, sbox=DEFAULT_SBOX):
+def cbc_encrypt(key, data, iv=8 * b"\x00", pad=True, sbox=DEFAULT_SBOX, mesh=False):
""" CBC encryption mode of operation
:param bytes key: encryption key
:type bool pad: perform ISO/IEC 7816-4 padding
:param sbox: S-box parameters to use
:type sbox: str, SBOXES'es key
+ :param bool mesh: enable key meshing
:returns: ciphertext
:rtype: bytes
raise ValueError("Data is not blocksize aligned")
ciphertext = [iv]
for i in xrange(0, len(data), BLOCKSIZE):
+ if mesh and i >= MESH_MAX_DATA and i % MESH_MAX_DATA == 0:
+ key, _ = meshing(key, iv, sbox=sbox)
ciphertext.append(ns2block(encrypt(sbox, key, block2ns(
strxor(ciphertext[-1], data[i:i + BLOCKSIZE])
))))
return b"".join(ciphertext)
-def cbc_decrypt(key, data, pad=True, sbox=DEFAULT_SBOX):
+def cbc_decrypt(key, data, pad=True, sbox=DEFAULT_SBOX, mesh=False):
""" CBC decryption mode of operation
:param bytes key: encryption key
:param bytes data: ciphertext
- :param iv: initialization vector
- :type iv: bytes, BLOCKSIZE length
:type bool pad: perform ISO/IEC 7816-4 unpadding after decryption
:param sbox: S-box parameters to use
:type sbox: str, SBOXES'es key
+ :param bool mesh: enable key meshing
:returns: plaintext
:rtype: bytes
"""
raise ValueError("Data is not blocksize aligned")
if len(data) < 2 * BLOCKSIZE:
raise ValueError("There is no either data, or IV in ciphertext")
+ iv = data[:BLOCKSIZE]
plaintext = []
for i in xrange(BLOCKSIZE, len(data), BLOCKSIZE):
+ if (
+ mesh and
+ (i - BLOCKSIZE) >= MESH_MAX_DATA and
+ (i - BLOCKSIZE) % MESH_MAX_DATA == 0
+ ):
+ key, _ = meshing(key, iv, sbox=sbox)
plaintext.append(strxor(
ns2block(decrypt(sbox, key, block2ns(data[i:i + BLOCKSIZE]))),
data[i - BLOCKSIZE:i],
))
if pad:
- last_block = bytearray(plaintext[-1])
- pad_index = last_block.rfind(b"\x80")
- if pad_index == -1:
- raise ValueError("Invalid padding")
- for c in last_block[pad_index + 1:]:
- if c != 0:
- raise ValueError("Invalid padding")
- plaintext[-1] = bytes(last_block[:pad_index])
+ plaintext[-1] = unpad2(plaintext[-1], BLOCKSIZE)
return b"".join(plaintext)