aboutsummaryrefslogtreecommitdiff
path: root/frozen_deps/Crypto/Cipher
diff options
context:
space:
mode:
Diffstat (limited to 'frozen_deps/Crypto/Cipher')
-rw-r--r--frozen_deps/Crypto/Cipher/AES.py115
-rw-r--r--frozen_deps/Crypto/Cipher/ARC2.py130
-rw-r--r--frozen_deps/Crypto/Cipher/ARC4.py120
-rw-r--r--frozen_deps/Crypto/Cipher/Blowfish.py121
-rw-r--r--frozen_deps/Crypto/Cipher/CAST.py123
-rw-r--r--frozen_deps/Crypto/Cipher/DES.py118
-rw-r--r--frozen_deps/Crypto/Cipher/DES3.py133
-rw-r--r--frozen_deps/Crypto/Cipher/PKCS1_OAEP.py255
-rw-r--r--frozen_deps/Crypto/Cipher/PKCS1_v1_5.py226
-rw-r--r--frozen_deps/Crypto/Cipher/XOR.py86
-rwxr-xr-xfrozen_deps/Crypto/Cipher/_AES.cpython-38-x86_64-linux-gnu.sobin43640 -> 0 bytes
-rwxr-xr-xfrozen_deps/Crypto/Cipher/_ARC2.cpython-38-x86_64-linux-gnu.sobin26904 -> 0 bytes
-rwxr-xr-xfrozen_deps/Crypto/Cipher/_ARC4.cpython-38-x86_64-linux-gnu.sobin18064 -> 0 bytes
-rwxr-xr-xfrozen_deps/Crypto/Cipher/_Blowfish.cpython-38-x86_64-linux-gnu.sobin35368 -> 0 bytes
-rwxr-xr-xfrozen_deps/Crypto/Cipher/_CAST.cpython-38-x86_64-linux-gnu.sobin35320 -> 0 bytes
-rwxr-xr-xfrozen_deps/Crypto/Cipher/_DES.cpython-38-x86_64-linux-gnu.sobin68560 -> 0 bytes
-rwxr-xr-xfrozen_deps/Crypto/Cipher/_DES3.cpython-38-x86_64-linux-gnu.sobin68560 -> 0 bytes
-rwxr-xr-xfrozen_deps/Crypto/Cipher/_XOR.cpython-38-x86_64-linux-gnu.sobin18096 -> 0 bytes
-rw-r--r--frozen_deps/Crypto/Cipher/__init__.py83
-rw-r--r--frozen_deps/Crypto/Cipher/blockalgo.py296
20 files changed, 0 insertions, 1806 deletions
diff --git a/frozen_deps/Crypto/Cipher/AES.py b/frozen_deps/Crypto/Cipher/AES.py
deleted file mode 100644
index 14f68d8..0000000
--- a/frozen_deps/Crypto/Cipher/AES.py
+++ /dev/null
@@ -1,115 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Cipher/AES.py : AES
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-"""AES symmetric cipher
-
-AES `(Advanced Encryption Standard)`__ is a symmetric block cipher standardized
-by NIST_ . It has a fixed data block size of 16 bytes.
-Its keys can be 128, 192, or 256 bits long.
-
-AES is very fast and secure, and it is the de facto standard for symmetric
-encryption.
-
-As an example, encryption can be done as follows:
-
- >>> from Crypto.Cipher import AES
- >>> from Crypto import Random
- >>>
- >>> key = b'Sixteen byte key'
- >>> iv = Random.new().read(AES.block_size)
- >>> cipher = AES.new(key, AES.MODE_CFB, iv)
- >>> msg = iv + cipher.encrypt(b'Attack at dawn')
-
-.. __: http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
-.. _NIST: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
-
-:undocumented: __revision__, __package__
-"""
-
-__revision__ = "$Id$"
-
-from Crypto.Cipher import blockalgo
-from Crypto.Cipher import _AES
-
-class AESCipher (blockalgo.BlockAlgo):
- """AES cipher object"""
-
- def __init__(self, key, *args, **kwargs):
- """Initialize an AES cipher object
-
- See also `new()` at the module level."""
- blockalgo.BlockAlgo.__init__(self, _AES, key, *args, **kwargs)
-
-def new(key, *args, **kwargs):
- """Create a new AES cipher
-
- :Parameters:
- key : byte string
- The secret key to use in the symmetric cipher.
- It must be 16 (*AES-128*), 24 (*AES-192*), or 32 (*AES-256*) bytes long.
- :Keywords:
- mode : a *MODE_** constant
- The chaining mode to use for encryption or decryption.
- Default is `MODE_ECB`.
- IV : byte string
- The initialization vector to use for encryption or decryption.
-
- It is ignored for `MODE_ECB` and `MODE_CTR`.
-
- For `MODE_OPENPGP`, IV must be `block_size` bytes long for encryption
- and `block_size` +2 bytes for decryption (in the latter case, it is
- actually the *encrypted* IV which was prefixed to the ciphertext).
- It is mandatory.
-
- For all other modes, it must be `block_size` bytes longs. It is optional and
- when not present it will be given a default value of all zeroes.
- counter : callable
- (*Only* `MODE_CTR`). A stateful function that returns the next
- *counter block*, which is a byte string of `block_size` bytes.
- For better performance, use `Crypto.Util.Counter`.
- segment_size : integer
- (*Only* `MODE_CFB`).The number of bits the plaintext and ciphertext
- are segmented in.
- It must be a multiple of 8. If 0 or not specified, it will be assumed to be 8.
-
- :Return: an `AESCipher` object
- """
- return AESCipher(key, *args, **kwargs)
-
-#: Electronic Code Book (ECB). See `blockalgo.MODE_ECB`.
-MODE_ECB = 1
-#: Cipher-Block Chaining (CBC). See `blockalgo.MODE_CBC`.
-MODE_CBC = 2
-#: Cipher FeedBack (CFB). See `blockalgo.MODE_CFB`.
-MODE_CFB = 3
-#: This mode should not be used.
-MODE_PGP = 4
-#: Output FeedBack (OFB). See `blockalgo.MODE_OFB`.
-MODE_OFB = 5
-#: CounTer Mode (CTR). See `blockalgo.MODE_CTR`.
-MODE_CTR = 6
-#: OpenPGP Mode. See `blockalgo.MODE_OPENPGP`.
-MODE_OPENPGP = 7
-#: Size of a data block (in bytes)
-block_size = 16
-#: Size of a key (in bytes)
-key_size = ( 16, 24, 32 )
-
diff --git a/frozen_deps/Crypto/Cipher/ARC2.py b/frozen_deps/Crypto/Cipher/ARC2.py
deleted file mode 100644
index b5234e6..0000000
--- a/frozen_deps/Crypto/Cipher/ARC2.py
+++ /dev/null
@@ -1,130 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Cipher/ARC2.py : ARC2.py
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-"""RC2 symmetric cipher
-
-RC2_ (Rivest's Cipher version 2) is a symmetric block cipher designed
-by Ron Rivest in 1987. The cipher started as a proprietary design,
-that was reverse engineered and anonymously posted on Usenet in 1996.
-For this reason, the algorithm was first called *Alleged* RC2 (ARC2),
-since the company that owned RC2 (RSA Data Inc.) did not confirm whether
-the details leaked into public domain were really correct.
-
-The company eventually published its full specification in RFC2268_.
-
-RC2 has a fixed data block size of 8 bytes. Length of its keys can vary from
-8 to 128 bits. One particular property of RC2 is that the actual
-cryptographic strength of the key (*effective key length*) can be reduced
-via a parameter.
-
-Even though RC2 is not cryptographically broken, it has not been analyzed as
-thoroughly as AES, which is also faster than RC2.
-
-New designs should not use RC2.
-
-As an example, encryption can be done as follows:
-
- >>> from Crypto.Cipher import ARC2
- >>> from Crypto import Random
- >>>
- >>> key = b'Sixteen byte key'
- >>> iv = Random.new().read(ARC2.block_size)
- >>> cipher = ARC2.new(key, ARC2.MODE_CFB, iv)
- >>> msg = iv + cipher.encrypt(b'Attack at dawn')
-
-.. _RC2: http://en.wikipedia.org/wiki/RC2
-.. _RFC2268: http://tools.ietf.org/html/rfc2268
-
-:undocumented: __revision__, __package__
-"""
-
-__revision__ = "$Id$"
-
-from Crypto.Cipher import blockalgo
-from Crypto.Cipher import _ARC2
-
-class RC2Cipher (blockalgo.BlockAlgo):
- """RC2 cipher object"""
-
- def __init__(self, key, *args, **kwargs):
- """Initialize an ARC2 cipher object
-
- See also `new()` at the module level."""
- blockalgo.BlockAlgo.__init__(self, _ARC2, key, *args, **kwargs)
-
-def new(key, *args, **kwargs):
- """Create a new RC2 cipher
-
- :Parameters:
- key : byte string
- The secret key to use in the symmetric cipher.
- Its length can vary from 1 to 128 bytes.
- :Keywords:
- mode : a *MODE_** constant
- The chaining mode to use for encryption or decryption.
- Default is `MODE_ECB`.
- IV : byte string
- The initialization vector to use for encryption or decryption.
-
- It is ignored for `MODE_ECB` and `MODE_CTR`.
-
- For `MODE_OPENPGP`, IV must be `block_size` bytes long for encryption
- and `block_size` +2 bytes for decryption (in the latter case, it is
- actually the *encrypted* IV which was prefixed to the ciphertext).
- It is mandatory.
-
- For all other modes, it must be `block_size` bytes longs. It is optional and
- when not present it will be given a default value of all zeroes.
- counter : callable
- (*Only* `MODE_CTR`). A stateful function that returns the next
- *counter block*, which is a byte string of `block_size` bytes.
- For better performance, use `Crypto.Util.Counter`.
- segment_size : integer
- (*Only* `MODE_CFB`).The number of bits the plaintext and ciphertext
- are segmented in.
- It must be a multiple of 8. If 0 or not specified, it will be assumed to be 8.
- effective_keylen : integer
- Maximum cryptographic strength of the key, in bits.
- It can vary from 0 to 1024. The default value is 1024.
-
- :Return: an `RC2Cipher` object
- """
- return RC2Cipher(key, *args, **kwargs)
-
-#: Electronic Code Book (ECB). See `blockalgo.MODE_ECB`.
-MODE_ECB = 1
-#: Cipher-Block Chaining (CBC). See `blockalgo.MODE_CBC`.
-MODE_CBC = 2
-#: Cipher FeedBack (CFB). See `blockalgo.MODE_CFB`.
-MODE_CFB = 3
-#: This mode should not be used.
-MODE_PGP = 4
-#: Output FeedBack (OFB). See `blockalgo.MODE_OFB`.
-MODE_OFB = 5
-#: CounTer Mode (CTR). See `blockalgo.MODE_CTR`.
-MODE_CTR = 6
-#: OpenPGP Mode. See `blockalgo.MODE_OPENPGP`.
-MODE_OPENPGP = 7
-#: Size of a data block (in bytes)
-block_size = 8
-#: Size of a key (in bytes)
-key_size = range(1,16+1)
-
diff --git a/frozen_deps/Crypto/Cipher/ARC4.py b/frozen_deps/Crypto/Cipher/ARC4.py
deleted file mode 100644
index d83f75b..0000000
--- a/frozen_deps/Crypto/Cipher/ARC4.py
+++ /dev/null
@@ -1,120 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Cipher/ARC4.py : ARC4
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-"""ARC4 symmetric cipher
-
-ARC4_ (Alleged RC4) is an implementation of RC4 (Rivest's Cipher version 4),
-a symmetric stream cipher designed by Ron Rivest in 1987.
-
-The cipher started as a proprietary design, that was reverse engineered and
-anonymously posted on Usenet in 1994. The company that owns RC4 (RSA Data
-Inc.) never confirmed the correctness of the leaked algorithm.
-
-Unlike RC2, the company has never published the full specification of RC4,
-of whom it still holds the trademark.
-
-ARC4 keys can vary in length from 40 to 2048 bits.
-
-One problem of ARC4 is that it does not take a nonce or an IV. If it is required
-to encrypt multiple messages with the same long-term key, a distinct
-independent nonce must be created for each message, and a short-term key must
-be derived from the combination of the long-term key and the nonce.
-Due to the weak key scheduling algorithm of RC2, the combination must be carried
-out with a complex function (e.g. a cryptographic hash) and not by simply
-concatenating key and nonce.
-
-New designs should not use ARC4. A good alternative is AES
-(`Crypto.Cipher.AES`) in any of the modes that turn it into a stream cipher (OFB, CFB, or CTR).
-
-As an example, encryption can be done as follows:
-
- >>> from Crypto.Cipher import ARC4
- >>> from Crypto.Hash import SHA
- >>> from Crypto import Random
- >>>
- >>> key = b'Very long and confidential key'
- >>> nonce = Random.new().read(16)
- >>> tempkey = SHA.new(key+nonce).digest()
- >>> cipher = ARC4.new(tempkey)
- >>> msg = nonce + cipher.encrypt(b'Open the pod bay doors, HAL')
-
-.. _ARC4: http://en.wikipedia.org/wiki/RC4
-
-:undocumented: __revision__, __package__
-"""
-
-__revision__ = "$Id$"
-
-from Crypto.Cipher import _ARC4
-
-class ARC4Cipher:
- """ARC4 cipher object"""
-
-
- def __init__(self, key, *args, **kwargs):
- """Initialize an ARC4 cipher object
-
- See also `new()` at the module level."""
-
- self._cipher = _ARC4.new(key, *args, **kwargs)
- self.block_size = self._cipher.block_size
- self.key_size = self._cipher.key_size
-
- def encrypt(self, plaintext):
- """Encrypt a piece of data.
-
- :Parameters:
- plaintext : byte string
- The piece of data to encrypt. It can be of any size.
- :Return: the encrypted data (byte string, as long as the
- plaintext).
- """
- return self._cipher.encrypt(plaintext)
-
- def decrypt(self, ciphertext):
- """Decrypt a piece of data.
-
- :Parameters:
- ciphertext : byte string
- The piece of data to decrypt. It can be of any size.
- :Return: the decrypted data (byte string, as long as the
- ciphertext).
- """
- return self._cipher.decrypt(ciphertext)
-
-def new(key, *args, **kwargs):
- """Create a new ARC4 cipher
-
- :Parameters:
- key : byte string
- The secret key to use in the symmetric cipher.
- It can have any length, with a minimum of 40 bytes.
- Its cryptograpic strength is always capped to 2048 bits (256 bytes).
-
- :Return: an `ARC4Cipher` object
- """
- return ARC4Cipher(key, *args, **kwargs)
-
-#: Size of a data block (in bytes)
-block_size = 1
-#: Size of a key (in bytes)
-key_size = range(1,256+1)
-
diff --git a/frozen_deps/Crypto/Cipher/Blowfish.py b/frozen_deps/Crypto/Cipher/Blowfish.py
deleted file mode 100644
index 8c81d96..0000000
--- a/frozen_deps/Crypto/Cipher/Blowfish.py
+++ /dev/null
@@ -1,121 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Cipher/Blowfish.py : Blowfish
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-"""Blowfish symmetric cipher
-
-Blowfish_ is a symmetric block cipher designed by Bruce Schneier.
-
-It has a fixed data block size of 8 bytes and its keys can vary in length
-from 32 to 448 bits (4 to 56 bytes).
-
-Blowfish is deemed secure and it is fast. However, its keys should be chosen
-to be big enough to withstand a brute force attack (e.g. at least 16 bytes).
-
-As an example, encryption can be done as follows:
-
- >>> from Crypto.Cipher import Blowfish
- >>> from Crypto import Random
- >>> from struct import pack
- >>>
- >>> bs = Blowfish.block_size
- >>> key = b'An arbitrarily long key'
- >>> iv = Random.new().read(bs)
- >>> cipher = Blowfish.new(key, Blowfish.MODE_CBC, iv)
- >>> plaintext = b'docendo discimus '
- >>> plen = bs - divmod(len(plaintext),bs)[1]
- >>> padding = [plen]*plen
- >>> padding = pack('b'*plen, *padding)
- >>> msg = iv + cipher.encrypt(plaintext + padding)
-
-.. _Blowfish: http://www.schneier.com/blowfish.html
-
-:undocumented: __revision__, __package__
-"""
-
-__revision__ = "$Id$"
-
-from Crypto.Cipher import blockalgo
-from Crypto.Cipher import _Blowfish
-
-class BlowfishCipher (blockalgo.BlockAlgo):
- """Blowfish cipher object"""
-
- def __init__(self, key, *args, **kwargs):
- """Initialize a Blowfish cipher object
-
- See also `new()` at the module level."""
- blockalgo.BlockAlgo.__init__(self, _Blowfish, key, *args, **kwargs)
-
-def new(key, *args, **kwargs):
- """Create a new Blowfish cipher
-
- :Parameters:
- key : byte string
- The secret key to use in the symmetric cipher.
- Its length can vary from 4 to 56 bytes.
- :Keywords:
- mode : a *MODE_** constant
- The chaining mode to use for encryption or decryption.
- Default is `MODE_ECB`.
- IV : byte string
- The initialization vector to use for encryption or decryption.
-
- It is ignored for `MODE_ECB` and `MODE_CTR`.
-
- For `MODE_OPENPGP`, IV must be `block_size` bytes long for encryption
- and `block_size` +2 bytes for decryption (in the latter case, it is
- actually the *encrypted* IV which was prefixed to the ciphertext).
- It is mandatory.
-
- For all other modes, it must be `block_size` bytes longs. It is optional and
- when not present it will be given a default value of all zeroes.
- counter : callable
- (*Only* `MODE_CTR`). A stateful function that returns the next
- *counter block*, which is a byte string of `block_size` bytes.
- For better performance, use `Crypto.Util.Counter`.
- segment_size : integer
- (*Only* `MODE_CFB`).The number of bits the plaintext and ciphertext
- are segmented in.
- It must be a multiple of 8. If 0 or not specified, it will be assumed to be 8.
-
- :Return: a `BlowfishCipher` object
- """
- return BlowfishCipher(key, *args, **kwargs)
-
-#: Electronic Code Book (ECB). See `blockalgo.MODE_ECB`.
-MODE_ECB = 1
-#: Cipher-Block Chaining (CBC). See `blockalgo.MODE_CBC`.
-MODE_CBC = 2
-#: Cipher FeedBack (CFB). See `blockalgo.MODE_CFB`.
-MODE_CFB = 3
-#: This mode should not be used.
-MODE_PGP = 4
-#: Output FeedBack (OFB). See `blockalgo.MODE_OFB`.
-MODE_OFB = 5
-#: CounTer Mode (CTR). See `blockalgo.MODE_CTR`.
-MODE_CTR = 6
-#: OpenPGP Mode. See `blockalgo.MODE_OPENPGP`.
-MODE_OPENPGP = 7
-#: Size of a data block (in bytes)
-block_size = 8
-#: Size of a key (in bytes)
-key_size = range(4,56+1)
-
diff --git a/frozen_deps/Crypto/Cipher/CAST.py b/frozen_deps/Crypto/Cipher/CAST.py
deleted file mode 100644
index 89543b2..0000000
--- a/frozen_deps/Crypto/Cipher/CAST.py
+++ /dev/null
@@ -1,123 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Cipher/CAST.py : CAST
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-"""CAST-128 symmetric cipher
-
-CAST-128_ (or CAST5) is a symmetric block cipher specified in RFC2144_.
-
-It has a fixed data block size of 8 bytes. Its key can vary in length
-from 40 to 128 bits.
-
-CAST is deemed to be cryptographically secure, but its usage is not widespread.
-Keys of sufficient length should be used to prevent brute force attacks
-(128 bits are recommended).
-
-As an example, encryption can be done as follows:
-
- >>> from Crypto.Cipher import CAST
- >>> from Crypto import Random
- >>>
- >>> key = b'Sixteen byte key'
- >>> iv = Random.new().read(CAST.block_size)
- >>> cipher = CAST.new(key, CAST.MODE_OPENPGP, iv)
- >>> plaintext = b'sona si latine loqueris '
- >>> msg = cipher.encrypt(plaintext)
- >>>
- ...
- >>> eiv = msg[:CAST.block_size+2]
- >>> ciphertext = msg[CAST.block_size+2:]
- >>> cipher = CAST.new(key, CAST.MODE_OPENPGP, eiv)
- >>> print cipher.decrypt(ciphertext)
-
-.. _CAST-128: http://en.wikipedia.org/wiki/CAST-128
-.. _RFC2144: http://tools.ietf.org/html/rfc2144
-
-:undocumented: __revision__, __package__
-"""
-
-__revision__ = "$Id$"
-
-from Crypto.Cipher import blockalgo
-from Crypto.Cipher import _CAST
-
-class CAST128Cipher(blockalgo.BlockAlgo):
- """CAST-128 cipher object"""
-
- def __init__(self, key, *args, **kwargs):
- """Initialize a CAST-128 cipher object
-
- See also `new()` at the module level."""
- blockalgo.BlockAlgo.__init__(self, _CAST, key, *args, **kwargs)
-
-def new(key, *args, **kwargs):
- """Create a new CAST-128 cipher
-
- :Parameters:
- key : byte string
- The secret key to use in the symmetric cipher.
- Its length may vary from 5 to 16 bytes.
- :Keywords:
- mode : a *MODE_** constant
- The chaining mode to use for encryption or decryption.
- Default is `MODE_ECB`.
- IV : byte string
- The initialization vector to use for encryption or decryption.
-
- It is ignored for `MODE_ECB` and `MODE_CTR`.
-
- For `MODE_OPENPGP`, IV must be `block_size` bytes long for encryption
- and `block_size` +2 bytes for decryption (in the latter case, it is
- actually the *encrypted* IV which was prefixed to the ciphertext).
- It is mandatory.
-
- For all other modes, it must be `block_size` bytes longs. It is optional and
- when not present it will be given a default value of all zeroes.
- counter : callable
- (*Only* `MODE_CTR`). A stateful function that returns the next
- *counter block*, which is a byte string of `block_size` bytes.
- For better performance, use `Crypto.Util.Counter`.
- segment_size : integer
- (*Only* `MODE_CFB`).The number of bits the plaintext and ciphertext
- are segmented in.
- It must be a multiple of 8. If 0 or not specified, it will be assumed to be 8.
-
- :Return: an `CAST128Cipher` object
- """
- return CAST128Cipher(key, *args, **kwargs)
-
-#: Electronic Code Book (ECB). See `blockalgo.MODE_ECB`.
-MODE_ECB = 1
-#: Cipher-Block Chaining (CBC). See `blockalgo.MODE_CBC`.
-MODE_CBC = 2
-#: Cipher FeedBack (CFB). See `blockalgo.MODE_CFB`.
-MODE_CFB = 3
-#: This mode should not be used.
-MODE_PGP = 4
-#: Output FeedBack (OFB). See `blockalgo.MODE_OFB`.
-MODE_OFB = 5
-#: CounTer Mode (CTR). See `blockalgo.MODE_CTR`.
-MODE_CTR = 6
-#: OpenPGP Mode. See `blockalgo.MODE_OPENPGP`.
-MODE_OPENPGP = 7
-#: Size of a data block (in bytes)
-block_size = 8
-#: Size of a key (in bytes)
-key_size = range(5,16+1)
diff --git a/frozen_deps/Crypto/Cipher/DES.py b/frozen_deps/Crypto/Cipher/DES.py
deleted file mode 100644
index 2fae42f..0000000
--- a/frozen_deps/Crypto/Cipher/DES.py
+++ /dev/null
@@ -1,118 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Cipher/DES.py : DES
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-"""DES symmetric cipher
-
-DES `(Data Encryption Standard)`__ is a symmetric block cipher standardized
-by NIST_ . It has a fixed data block size of 8 bytes.
-Its keys are 64 bits long, even though 8 bits were used for integrity (now they
-are ignored) and do not contribute to securty.
-
-DES is cryptographically secure, but its key length is too short by nowadays
-standards and it could be brute forced with some effort.
-
-DES should not be used for new designs. Use `AES`.
-
-As an example, encryption can be done as follows:
-
- >>> from Crypto.Cipher import DES3
- >>> from Crypto import Random
- >>>
- >>> key = b'Sixteen byte key'
- >>> iv = Random.new().read(DES3.block_size)
- >>> cipher = DES3.new(key, DES3.MODE_OFB, iv)
- >>> plaintext = b'sona si latine loqueris '
- >>> msg = iv + cipher.encrypt(plaintext)
-
-.. __: http://en.wikipedia.org/wiki/Data_Encryption_Standard
-.. _NIST: http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
-
-:undocumented: __revision__, __package__
-"""
-
-__revision__ = "$Id$"
-
-from Crypto.Cipher import blockalgo
-from Crypto.Cipher import _DES
-
-class DESCipher(blockalgo.BlockAlgo):
- """DES cipher object"""
-
- def __init__(self, key, *args, **kwargs):
- """Initialize a DES cipher object
-
- See also `new()` at the module level."""
- blockalgo.BlockAlgo.__init__(self, _DES, key, *args, **kwargs)
-
-def new(key, *args, **kwargs):
- """Create a new DES cipher
-
- :Parameters:
- key : byte string
- The secret key to use in the symmetric cipher.
- It must be 8 byte long. The parity bits will be ignored.
- :Keywords:
- mode : a *MODE_** constant
- The chaining mode to use for encryption or decryption.
- Default is `MODE_ECB`.
- IV : byte string
- The initialization vector to use for encryption or decryption.
-
- It is ignored for `MODE_ECB` and `MODE_CTR`.
-
- For `MODE_OPENPGP`, IV must be `block_size` bytes long for encryption
- and `block_size` +2 bytes for decryption (in the latter case, it is
- actually the *encrypted* IV which was prefixed to the ciphertext).
- It is mandatory.
-
- For all other modes, it must be `block_size` bytes longs. It is optional and
- when not present it will be given a default value of all zeroes.
- counter : callable
- (*Only* `MODE_CTR`). A stateful function that returns the next
- *counter block*, which is a byte string of `block_size` bytes.
- For better performance, use `Crypto.Util.Counter`.
- segment_size : integer
- (*Only* `MODE_CFB`).The number of bits the plaintext and ciphertext
- are segmented in.
- It must be a multiple of 8. If 0 or not specified, it will be assumed to be 8.
-
- :Return: an `DESCipher` object
- """
- return DESCipher(key, *args, **kwargs)
-
-#: Electronic Code Book (ECB). See `blockalgo.MODE_ECB`.
-MODE_ECB = 1
-#: Cipher-Block Chaining (CBC). See `blockalgo.MODE_CBC`.
-MODE_CBC = 2
-#: Cipher FeedBack (CFB). See `blockalgo.MODE_CFB`.
-MODE_CFB = 3
-#: This mode should not be used.
-MODE_PGP = 4
-#: Output FeedBack (OFB). See `blockalgo.MODE_OFB`.
-MODE_OFB = 5
-#: CounTer Mode (CTR). See `blockalgo.MODE_CTR`.
-MODE_CTR = 6
-#: OpenPGP Mode. See `blockalgo.MODE_OPENPGP`.
-MODE_OPENPGP = 7
-#: Size of a data block (in bytes)
-block_size = 8
-#: Size of a key (in bytes)
-key_size = 8
diff --git a/frozen_deps/Crypto/Cipher/DES3.py b/frozen_deps/Crypto/Cipher/DES3.py
deleted file mode 100644
index 7fedac8..0000000
--- a/frozen_deps/Crypto/Cipher/DES3.py
+++ /dev/null
@@ -1,133 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Cipher/DES3.py : DES3
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-"""Triple DES symmetric cipher
-
-`Triple DES`__ (or TDES or TDEA or 3DES) is a symmetric block cipher standardized by NIST_.
-It has a fixed data block size of 8 bytes. Its keys are 128 (*Option 1*) or 192
-bits (*Option 2*) long.
-However, 1 out of 8 bits is used for redundancy and do not contribute to
-security. The effective key length is respectively 112 or 168 bits.
-
-TDES consists of the concatenation of 3 simple `DES` ciphers.
-
-The plaintext is first DES encrypted with *K1*, then decrypted with *K2*,
-and finally encrypted again with *K3*. The ciphertext is decrypted in the reverse manner.
-
-The 192 bit key is a bundle of three 64 bit independent subkeys: *K1*, *K2*, and *K3*.
-
-The 128 bit key is split into *K1* and *K2*, whereas *K1=K3*.
-
-It is important that all subkeys are different, otherwise TDES would degrade to
-single `DES`.
-
-TDES is cryptographically secure, even though it is neither as secure nor as fast
-as `AES`.
-
-As an example, encryption can be done as follows:
-
- >>> from Crypto.Cipher import DES
- >>> from Crypto import Random
- >>> from Crypto.Util import Counter
- >>>
- >>> key = b'-8B key-'
- >>> nonce = Random.new().read(DES.block_size/2)
- >>> ctr = Counter.new(DES.block_size*8/2, prefix=nonce)
- >>> cipher = DES.new(key, DES.MODE_CTR, counter=ctr)
- >>> plaintext = b'We are no longer the knights who say ni!'
- >>> msg = nonce + cipher.encrypt(plaintext)
-
-.. __: http://en.wikipedia.org/wiki/Triple_DES
-.. _NIST: http://csrc.nist.gov/publications/nistpubs/800-67/SP800-67.pdf
-
-:undocumented: __revision__, __package__
-"""
-
-__revision__ = "$Id$"
-
-from Crypto.Cipher import blockalgo
-from Crypto.Cipher import _DES3
-
-class DES3Cipher(blockalgo.BlockAlgo):
- """TDES cipher object"""
-
- def __init__(self, key, *args, **kwargs):
- """Initialize a TDES cipher object
-
- See also `new()` at the module level."""
- blockalgo.BlockAlgo.__init__(self, _DES3, key, *args, **kwargs)
-
-def new(key, *args, **kwargs):
- """Create a new TDES cipher
-
- :Parameters:
- key : byte string
- The secret key to use in the symmetric cipher.
- It must be 16 or 24 bytes long. The parity bits will be ignored.
- :Keywords:
- mode : a *MODE_** constant
- The chaining mode to use for encryption or decryption.
- Default is `MODE_ECB`.
- IV : byte string
- The initialization vector to use for encryption or decryption.
-
- It is ignored for `MODE_ECB` and `MODE_CTR`.
-
- For `MODE_OPENPGP`, IV must be `block_size` bytes long for encryption
- and `block_size` +2 bytes for decryption (in the latter case, it is
- actually the *encrypted* IV which was prefixed to the ciphertext).
- It is mandatory.
-
- For all other modes, it must be `block_size` bytes longs. It is optional and
- when not present it will be given a default value of all zeroes.
- counter : callable
- (*Only* `MODE_CTR`). A stateful function that returns the next
- *counter block*, which is a byte string of `block_size` bytes.
- For better performance, use `Crypto.Util.Counter`.
- segment_size : integer
- (*Only* `MODE_CFB`).The number of bits the plaintext and ciphertext
- are segmented in.
- It must be a multiple of 8. If 0 or not specified, it will be assumed to be 8.
-
- :Attention: it is important that all 8 byte subkeys are different,
- otherwise TDES would degrade to single `DES`.
- :Return: an `DES3Cipher` object
- """
- return DES3Cipher(key, *args, **kwargs)
-
-#: Electronic Code Book (ECB). See `blockalgo.MODE_ECB`.
-MODE_ECB = 1
-#: Cipher-Block Chaining (CBC). See `blockalgo.MODE_CBC`.
-MODE_CBC = 2
-#: Cipher FeedBack (CFB). See `blockalgo.MODE_CFB`.
-MODE_CFB = 3
-#: This mode should not be used.
-MODE_PGP = 4
-#: Output FeedBack (OFB). See `blockalgo.MODE_OFB`.
-MODE_OFB = 5
-#: CounTer Mode (CTR). See `blockalgo.MODE_CTR`.
-MODE_CTR = 6
-#: OpenPGP Mode. See `blockalgo.MODE_OPENPGP`.
-MODE_OPENPGP = 7
-#: Size of a data block (in bytes)
-block_size = 8
-#: Size of a key (in bytes)
-key_size = ( 16, 24 )
diff --git a/frozen_deps/Crypto/Cipher/PKCS1_OAEP.py b/frozen_deps/Crypto/Cipher/PKCS1_OAEP.py
deleted file mode 100644
index 2738ce3..0000000
--- a/frozen_deps/Crypto/Cipher/PKCS1_OAEP.py
+++ /dev/null
@@ -1,255 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Cipher/PKCS1_OAEP.py : PKCS#1 OAEP
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-
-"""RSA encryption protocol according to PKCS#1 OAEP
-
-See RFC3447__ or the `original RSA Labs specification`__ .
-
-This scheme is more properly called ``RSAES-OAEP``.
-
-As an example, a sender may encrypt a message in this way:
-
- >>> from Crypto.Cipher import PKCS1_OAEP
- >>> from Crypto.PublicKey import RSA
- >>>
- >>> message = 'To be encrypted'
- >>> key = RSA.importKey(open('pubkey.der').read())
- >>> cipher = PKCS1_OAEP.new(key)
- >>> ciphertext = cipher.encrypt(message)
-
-At the receiver side, decryption can be done using the private part of
-the RSA key:
-
- >>> key = RSA.importKey(open('privkey.der').read())
- >>> cipher = PKCS1_OAP.new(key)
- >>> message = cipher.decrypt(ciphertext)
-
-:undocumented: __revision__, __package__
-
-.. __: http://www.ietf.org/rfc/rfc3447.txt
-.. __: http://www.rsa.com/rsalabs/node.asp?id=2125.
-"""
-
-
-
-__revision__ = "$Id$"
-__all__ = [ 'new', 'PKCS1OAEP_Cipher' ]
-
-import Crypto.Signature.PKCS1_PSS
-import Crypto.Hash.SHA
-
-from Crypto.Util.py3compat import *
-import Crypto.Util.number
-from Crypto.Util.number import ceil_div
-from Crypto.Util.strxor import strxor
-
-class PKCS1OAEP_Cipher:
- """This cipher can perform PKCS#1 v1.5 OAEP encryption or decryption."""
-
- def __init__(self, key, hashAlgo, mgfunc, label):
- """Initialize this PKCS#1 OAEP cipher object.
-
- :Parameters:
- key : an RSA key object
- If a private half is given, both encryption and decryption are possible.
- If a public half is given, only encryption is possible.
- hashAlgo : hash object
- The hash function to use. This can be a module under `Crypto.Hash`
- or an existing hash object created from any of such modules. If not specified,
- `Crypto.Hash.SHA` (that is, SHA-1) is used.
- mgfunc : callable
- A mask generation function that accepts two parameters: a string to
- use as seed, and the lenth of the mask to generate, in bytes.
- If not specified, the standard MGF1 is used (a safe choice).
- label : string
- A label to apply to this particular encryption. If not specified,
- an empty string is used. Specifying a label does not improve
- security.
-
- :attention: Modify the mask generation function only if you know what you are doing.
- Sender and receiver must use the same one.
- """
- self._key = key
-
- if hashAlgo:
- self._hashObj = hashAlgo
- else:
- self._hashObj = Crypto.Hash.SHA
-
- if mgfunc:
- self._mgf = mgfunc
- else:
- self._mgf = lambda x,y: Crypto.Signature.PKCS1_PSS.MGF1(x,y,self._hashObj)
-
- self._label = label
-
- def can_encrypt(self):
- """Return True/1 if this cipher object can be used for encryption."""
- return self._key.can_encrypt()
-
- def can_decrypt(self):
- """Return True/1 if this cipher object can be used for decryption."""
- return self._key.can_decrypt()
-
- def encrypt(self, message):
- """Produce the PKCS#1 OAEP encryption of a message.
-
- This function is named ``RSAES-OAEP-ENCRYPT``, and is specified in
- section 7.1.1 of RFC3447.
-
- :Parameters:
- message : string
- The message to encrypt, also known as plaintext. It can be of
- variable length, but not longer than the RSA modulus (in bytes)
- minus 2, minus twice the hash output size.
-
- :Return: A string, the ciphertext in which the message is encrypted.
- It is as long as the RSA modulus (in bytes).
- :Raise ValueError:
- If the RSA key length is not sufficiently long to deal with the given
- message.
- """
- # TODO: Verify the key is RSA
-
- randFunc = self._key._randfunc
-
- # See 7.1.1 in RFC3447
- modBits = Crypto.Util.number.size(self._key.n)
- k = ceil_div(modBits,8) # Convert from bits to bytes
- hLen = self._hashObj.digest_size
- mLen = len(message)
-
- # Step 1b
- ps_len = k-mLen-2*hLen-2
- if ps_len<0:
- raise ValueError("Plaintext is too long.")
- # Step 2a
- lHash = self._hashObj.new(self._label).digest()
- # Step 2b
- ps = bchr(0x00)*ps_len
- # Step 2c
- db = lHash + ps + bchr(0x01) + message
- # Step 2d
- ros = randFunc(hLen)
- # Step 2e
- dbMask = self._mgf(ros, k-hLen-1)
- # Step 2f
- maskedDB = strxor(db, dbMask)
- # Step 2g
- seedMask = self._mgf(maskedDB, hLen)
- # Step 2h
- maskedSeed = strxor(ros, seedMask)
- # Step 2i
- em = bchr(0x00) + maskedSeed + maskedDB
- # Step 3a (OS2IP), step 3b (RSAEP), part of step 3c (I2OSP)
- m = self._key.encrypt(em, 0)[0]
- # Complete step 3c (I2OSP)
- c = bchr(0x00)*(k-len(m)) + m
- return c
-
- def decrypt(self, ct):
- """Decrypt a PKCS#1 OAEP ciphertext.
-
- This function is named ``RSAES-OAEP-DECRYPT``, and is specified in
- section 7.1.2 of RFC3447.
-
- :Parameters:
- ct : string
- The ciphertext that contains the message to recover.
-
- :Return: A string, the original message.
- :Raise ValueError:
- If the ciphertext length is incorrect, or if the decryption does not
- succeed.
- :Raise TypeError:
- If the RSA key has no private half.
- """
- # TODO: Verify the key is RSA
-
- # See 7.1.2 in RFC3447
- modBits = Crypto.Util.number.size(self._key.n)
- k = ceil_div(modBits,8) # Convert from bits to bytes
- hLen = self._hashObj.digest_size
-
- # Step 1b and 1c
- if len(ct) != k or k<hLen+2:
- raise ValueError("Ciphertext with incorrect length.")
- # Step 2a (O2SIP), 2b (RSADP), and part of 2c (I2OSP)
- m = self._key.decrypt(ct)
- # Complete step 2c (I2OSP)
- em = bchr(0x00)*(k-len(m)) + m
- # Step 3a
- lHash = self._hashObj.new(self._label).digest()
- # Step 3b
- y = em[0]
- # y must be 0, but we MUST NOT check it here in order not to
- # allow attacks like Manger's (http://dl.acm.org/citation.cfm?id=704143)
- maskedSeed = em[1:hLen+1]
- maskedDB = em[hLen+1:]
- # Step 3c
- seedMask = self._mgf(maskedDB, hLen)
- # Step 3d
- seed = strxor(maskedSeed, seedMask)
- # Step 3e
- dbMask = self._mgf(seed, k-hLen-1)
- # Step 3f
- db = strxor(maskedDB, dbMask)
- # Step 3g
- valid = 1
- one = db[hLen:].find(bchr(0x01))
- lHash1 = db[:hLen]
- if lHash1!=lHash:
- valid = 0
- if one<0:
- valid = 0
- if bord(y)!=0:
- valid = 0
- if not valid:
- raise ValueError("Incorrect decryption.")
- # Step 4
- return db[hLen+one+1:]
-
-def new(key, hashAlgo=None, mgfunc=None, label=b('')):
- """Return a cipher object `PKCS1OAEP_Cipher` that can be used to perform PKCS#1 OAEP encryption or decryption.
-
- :Parameters:
- key : RSA key object
- The key to use to encrypt or decrypt the message. This is a `Crypto.PublicKey.RSA` object.
- Decryption is only possible if *key* is a private RSA key.
- hashAlgo : hash object
- The hash function to use. This can be a module under `Crypto.Hash`
- or an existing hash object created from any of such modules. If not specified,
- `Crypto.Hash.SHA` (that is, SHA-1) is used.
- mgfunc : callable
- A mask generation function that accepts two parameters: a string to
- use as seed, and the lenth of the mask to generate, in bytes.
- If not specified, the standard MGF1 is used (a safe choice).
- label : string
- A label to apply to this particular encryption. If not specified,
- an empty string is used. Specifying a label does not improve
- security.
-
- :attention: Modify the mask generation function only if you know what you are doing.
- Sender and receiver must use the same one.
- """
- return PKCS1OAEP_Cipher(key, hashAlgo, mgfunc, label)
-
diff --git a/frozen_deps/Crypto/Cipher/PKCS1_v1_5.py b/frozen_deps/Crypto/Cipher/PKCS1_v1_5.py
deleted file mode 100644
index 3602cb0..0000000
--- a/frozen_deps/Crypto/Cipher/PKCS1_v1_5.py
+++ /dev/null
@@ -1,226 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Cipher/PKCS1-v1_5.py : PKCS#1 v1.5
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-
-"""RSA encryption protocol according to PKCS#1 v1.5
-
-See RFC3447__ or the `original RSA Labs specification`__ .
-
-This scheme is more properly called ``RSAES-PKCS1-v1_5``.
-
-**If you are designing a new protocol, consider using the more robust PKCS#1 OAEP.**
-
-As an example, a sender may encrypt a message in this way:
-
- >>> from Crypto.Cipher import PKCS1_v1_5
- >>> from Crypto.PublicKey import RSA
- >>> from Crypto.Hash import SHA
- >>>
- >>> message = 'To be encrypted'
- >>> h = SHA.new(message)
- >>>
- >>> key = RSA.importKey(open('pubkey.der').read())
- >>> cipher = PKCS1_v1_5.new(key)
- >>> ciphertext = cipher.encrypt(message+h.digest())
-
-At the receiver side, decryption can be done using the private part of
-the RSA key:
-
- >>> From Crypto.Hash import SHA
- >>> from Crypto import Random
- >>>
- >>> key = RSA.importKey(open('privkey.der').read())
- >>>
- >>> dsize = SHA.digest_size
- >>> sentinel = Random.new().read(15+dsize) # Let's assume that average data length is 15
- >>>
- >>> cipher = PKCS1_v1_5.new(key)
- >>> message = cipher.decrypt(ciphertext, sentinel)
- >>>
- >>> digest = SHA.new(message[:-dsize]).digest()
- >>> if digest==message[-dsize:]: # Note how we DO NOT look for the sentinel
- >>> print "Encryption was correct."
- >>> else:
- >>> print "Encryption was not correct."
-
-:undocumented: __revision__, __package__
-
-.. __: http://www.ietf.org/rfc/rfc3447.txt
-.. __: http://www.rsa.com/rsalabs/node.asp?id=2125.
-"""
-
-__revision__ = "$Id$"
-__all__ = [ 'new', 'PKCS115_Cipher' ]
-
-from Crypto.Util.number import ceil_div
-from Crypto.Util.py3compat import *
-import Crypto.Util.number
-
-class PKCS115_Cipher:
- """This cipher can perform PKCS#1 v1.5 RSA encryption or decryption."""
-
- def __init__(self, key):
- """Initialize this PKCS#1 v1.5 cipher object.
-
- :Parameters:
- key : an RSA key object
- If a private half is given, both encryption and decryption are possible.
- If a public half is given, only encryption is possible.
- """
- self._key = key
-
- def can_encrypt(self):
- """Return True if this cipher object can be used for encryption."""
- return self._key.can_encrypt()
-
- def can_decrypt(self):
- """Return True if this cipher object can be used for decryption."""
- return self._key.can_decrypt()
-
- def encrypt(self, message):
- """Produce the PKCS#1 v1.5 encryption of a message.
-
- This function is named ``RSAES-PKCS1-V1_5-ENCRYPT``, and is specified in
- section 7.2.1 of RFC3447.
- For a complete example see `Crypto.Cipher.PKCS1_v1_5`.
-
- :Parameters:
- message : byte string
- The message to encrypt, also known as plaintext. It can be of
- variable length, but not longer than the RSA modulus (in bytes) minus 11.
-
- :Return: A byte string, the ciphertext in which the message is encrypted.
- It is as long as the RSA modulus (in bytes).
- :Raise ValueError:
- If the RSA key length is not sufficiently long to deal with the given
- message.
-
- """
- # TODO: Verify the key is RSA
-
- randFunc = self._key._randfunc
-
- # See 7.2.1 in RFC3447
- modBits = Crypto.Util.number.size(self._key.n)
- k = ceil_div(modBits,8) # Convert from bits to bytes
- mLen = len(message)
-
- # Step 1
- if mLen > k-11:
- raise ValueError("Plaintext is too long.")
- # Step 2a
- class nonZeroRandByte:
- def __init__(self, rf): self.rf=rf
- def __call__(self, c):
- while bord(c)==0x00: c=self.rf(1)[0]
- return c
- ps = tobytes(list(map(nonZeroRandByte(randFunc), randFunc(k-mLen-3))))
- # Step 2b
- em = b('\x00\x02') + ps + bchr(0x00) + message
- # Step 3a (OS2IP), step 3b (RSAEP), part of step 3c (I2OSP)
- m = self._key.encrypt(em, 0)[0]
- # Complete step 3c (I2OSP)
- c = bchr(0x00)*(k-len(m)) + m
- return c
-
- def decrypt(self, ct, sentinel):
- """Decrypt a PKCS#1 v1.5 ciphertext.
-
- This function is named ``RSAES-PKCS1-V1_5-DECRYPT``, and is specified in
- section 7.2.2 of RFC3447.
- For a complete example see `Crypto.Cipher.PKCS1_v1_5`.
-
- :Parameters:
- ct : byte string
- The ciphertext that contains the message to recover.
- sentinel : any type
- The object to return to indicate that an error was detected during decryption.
-
- :Return: A byte string. It is either the original message or the ``sentinel`` (in case of an error).
- :Raise ValueError:
- If the ciphertext length is incorrect
- :Raise TypeError:
- If the RSA key has no private half.
-
- :attention:
- You should **never** let the party who submitted the ciphertext know that
- this function returned the ``sentinel`` value.
- Armed with such knowledge (for a fair amount of carefully crafted but invalid ciphertexts),
- an attacker is able to recontruct the plaintext of any other encryption that were carried out
- with the same RSA public key (see `Bleichenbacher's`__ attack).
-
- In general, it should not be possible for the other party to distinguish
- whether processing at the server side failed because the value returned
- was a ``sentinel`` as opposed to a random, invalid message.
-
- In fact, the second option is not that unlikely: encryption done according to PKCS#1 v1.5
- embeds no good integrity check. There is roughly one chance
- in 2^16 for a random ciphertext to be returned as a valid message
- (although random looking).
-
- It is therefore advisabled to:
-
- 1. Select as ``sentinel`` a value that resembles a plausable random, invalid message.
- 2. Not report back an error as soon as you detect a ``sentinel`` value.
- Put differently, you should not explicitly check if the returned value is the ``sentinel`` or not.
- 3. Cover all possible errors with a single, generic error indicator.
- 4. Embed into the definition of ``message`` (at the protocol level) a digest (e.g. ``SHA-1``).
- It is recommended for it to be the rightmost part ``message``.
- 5. Where possible, monitor the number of errors due to ciphertexts originating from the same party,
- and slow down the rate of the requests from such party (or even blacklist it altogether).
-
- **If you are designing a new protocol, consider using the more robust PKCS#1 OAEP.**
-
- .. __: http://www.bell-labs.com/user/bleichen/papers/pkcs.ps
-
- """
-
- # TODO: Verify the key is RSA
-
- # See 7.2.1 in RFC3447
- modBits = Crypto.Util.number.size(self._key.n)
- k = ceil_div(modBits,8) # Convert from bits to bytes
-
- # Step 1
- if len(ct) != k:
- raise ValueError("Ciphertext with incorrect length.")
- # Step 2a (O2SIP), 2b (RSADP), and part of 2c (I2OSP)
- m = self._key.decrypt(ct)
- # Complete step 2c (I2OSP)
- em = bchr(0x00)*(k-len(m)) + m
- # Step 3
- sep = em.find(bchr(0x00),2)
- if not em.startswith(b('\x00\x02')) or sep<10:
- return sentinel
- # Step 4
- return em[sep+1:]
-
-def new(key):
- """Return a cipher object `PKCS115_Cipher` that can be used to perform PKCS#1 v1.5 encryption or decryption.
-
- :Parameters:
- key : RSA key object
- The key to use to encrypt or decrypt the message. This is a `Crypto.PublicKey.RSA` object.
- Decryption is only possible if *key* is a private RSA key.
-
- """
- return PKCS115_Cipher(key)
-
diff --git a/frozen_deps/Crypto/Cipher/XOR.py b/frozen_deps/Crypto/Cipher/XOR.py
deleted file mode 100644
index 46b8464..0000000
--- a/frozen_deps/Crypto/Cipher/XOR.py
+++ /dev/null
@@ -1,86 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Cipher/XOR.py : XOR
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-"""XOR toy cipher
-
-XOR is one the simplest stream ciphers. Encryption and decryption are
-performed by XOR-ing data with a keystream made by contatenating
-the key.
-
-Do not use it for real applications!
-
-:undocumented: __revision__, __package__
-"""
-
-__revision__ = "$Id$"
-
-from Crypto.Cipher import _XOR
-
-class XORCipher:
- """XOR cipher object"""
-
- def __init__(self, key, *args, **kwargs):
- """Initialize a XOR cipher object
-
- See also `new()` at the module level."""
- self._cipher = _XOR.new(key, *args, **kwargs)
- self.block_size = self._cipher.block_size
- self.key_size = self._cipher.key_size
-
- def encrypt(self, plaintext):
- """Encrypt a piece of data.
-
- :Parameters:
- plaintext : byte string
- The piece of data to encrypt. It can be of any size.
- :Return: the encrypted data (byte string, as long as the
- plaintext).
- """
- return self._cipher.encrypt(plaintext)
-
- def decrypt(self, ciphertext):
- """Decrypt a piece of data.
-
- :Parameters:
- ciphertext : byte string
- The piece of data to decrypt. It can be of any size.
- :Return: the decrypted data (byte string, as long as the
- ciphertext).
- """
- return self._cipher.decrypt(ciphertext)
-
-def new(key, *args, **kwargs):
- """Create a new XOR cipher
-
- :Parameters:
- key : byte string
- The secret key to use in the symmetric cipher.
- Its length may vary from 1 to 32 bytes.
-
- :Return: an `XORCipher` object
- """
- return XORCipher(key, *args, **kwargs)
-
-#: Size of a data block (in bytes)
-block_size = 1
-#: Size of a key (in bytes)
-key_size = range(1,32+1)
-
diff --git a/frozen_deps/Crypto/Cipher/_AES.cpython-38-x86_64-linux-gnu.so b/frozen_deps/Crypto/Cipher/_AES.cpython-38-x86_64-linux-gnu.so
deleted file mode 100755
index e9ffeb9..0000000
--- a/frozen_deps/Crypto/Cipher/_AES.cpython-38-x86_64-linux-gnu.so
+++ /dev/null
Binary files differ
diff --git a/frozen_deps/Crypto/Cipher/_ARC2.cpython-38-x86_64-linux-gnu.so b/frozen_deps/Crypto/Cipher/_ARC2.cpython-38-x86_64-linux-gnu.so
deleted file mode 100755
index b325488..0000000
--- a/frozen_deps/Crypto/Cipher/_ARC2.cpython-38-x86_64-linux-gnu.so
+++ /dev/null
Binary files differ
diff --git a/frozen_deps/Crypto/Cipher/_ARC4.cpython-38-x86_64-linux-gnu.so b/frozen_deps/Crypto/Cipher/_ARC4.cpython-38-x86_64-linux-gnu.so
deleted file mode 100755
index 982a28d..0000000
--- a/frozen_deps/Crypto/Cipher/_ARC4.cpython-38-x86_64-linux-gnu.so
+++ /dev/null
Binary files differ
diff --git a/frozen_deps/Crypto/Cipher/_Blowfish.cpython-38-x86_64-linux-gnu.so b/frozen_deps/Crypto/Cipher/_Blowfish.cpython-38-x86_64-linux-gnu.so
deleted file mode 100755
index 2648636..0000000
--- a/frozen_deps/Crypto/Cipher/_Blowfish.cpython-38-x86_64-linux-gnu.so
+++ /dev/null
Binary files differ
diff --git a/frozen_deps/Crypto/Cipher/_CAST.cpython-38-x86_64-linux-gnu.so b/frozen_deps/Crypto/Cipher/_CAST.cpython-38-x86_64-linux-gnu.so
deleted file mode 100755
index 439731a..0000000
--- a/frozen_deps/Crypto/Cipher/_CAST.cpython-38-x86_64-linux-gnu.so
+++ /dev/null
Binary files differ
diff --git a/frozen_deps/Crypto/Cipher/_DES.cpython-38-x86_64-linux-gnu.so b/frozen_deps/Crypto/Cipher/_DES.cpython-38-x86_64-linux-gnu.so
deleted file mode 100755
index e025c0d..0000000
--- a/frozen_deps/Crypto/Cipher/_DES.cpython-38-x86_64-linux-gnu.so
+++ /dev/null
Binary files differ
diff --git a/frozen_deps/Crypto/Cipher/_DES3.cpython-38-x86_64-linux-gnu.so b/frozen_deps/Crypto/Cipher/_DES3.cpython-38-x86_64-linux-gnu.so
deleted file mode 100755
index faef3f9..0000000
--- a/frozen_deps/Crypto/Cipher/_DES3.cpython-38-x86_64-linux-gnu.so
+++ /dev/null
Binary files differ
diff --git a/frozen_deps/Crypto/Cipher/_XOR.cpython-38-x86_64-linux-gnu.so b/frozen_deps/Crypto/Cipher/_XOR.cpython-38-x86_64-linux-gnu.so
deleted file mode 100755
index 43f0560..0000000
--- a/frozen_deps/Crypto/Cipher/_XOR.cpython-38-x86_64-linux-gnu.so
+++ /dev/null
Binary files differ
diff --git a/frozen_deps/Crypto/Cipher/__init__.py b/frozen_deps/Crypto/Cipher/__init__.py
deleted file mode 100644
index 7afed2d..0000000
--- a/frozen_deps/Crypto/Cipher/__init__.py
+++ /dev/null
@@ -1,83 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-
-"""Symmetric- and asymmetric-key encryption algorithms.
-
-Encryption algorithms transform plaintext in some way that
-is dependent on a key or key pair, producing ciphertext.
-
-Symmetric algorithms
---------------------
-
-Encryption can easily be reversed, if (and, hopefully, only if)
-one knows the same key.
-In other words, sender and receiver share the same key.
-
-The symmetric encryption modules here all support the interface described in PEP
-272, "API for Block Encryption Algorithms".
-
-If you don't know which algorithm to choose, use AES because it's
-standard and has undergone a fair bit of examination.
-
-======================== ======= ========================
-Module name Type Description
-======================== ======= ========================
-`Crypto.Cipher.AES` Block Advanced Encryption Standard
-`Crypto.Cipher.ARC2` Block Alleged RC2
-`Crypto.Cipher.ARC4` Stream Alleged RC4
-`Crypto.Cipher.Blowfish` Block Blowfish
-`Crypto.Cipher.CAST` Block CAST
-`Crypto.Cipher.DES` Block The Data Encryption Standard.
- Very commonly used in the past,
- but today its 56-bit keys are too small.
-`Crypto.Cipher.DES3` Block Triple DES.
-`Crypto.Cipher.XOR` Stream The simple XOR cipher.
-======================== ======= ========================
-
-
-Asymmetric algorithms
----------------------
-
-For asymmetric algorithms, the key to be used for decryption is totally
-different and cannot be derived in a feasible way from the key used
-for encryption. Put differently, sender and receiver each own one half
-of a key pair. The encryption key is often called ``public`` whereas
-the decryption key is called ``private``.
-
-========================== =======================
-Module name Description
-========================== =======================
-`Crypto.Cipher.PKCS1_v1_5` PKCS#1 v1.5 encryption, based on RSA key pairs
-`Crypto.Cipher.PKCS1_OAEP` PKCS#1 OAEP encryption, based on RSA key pairs
-========================== =======================
-
-:undocumented: __revision__, __package__, _AES, _ARC2, _ARC4, _Blowfish
- _CAST, _DES, _DES3, _XOR
-"""
-
-__all__ = ['AES', 'ARC2', 'ARC4',
- 'Blowfish', 'CAST', 'DES', 'DES3',
- 'XOR',
- 'PKCS1_v1_5', 'PKCS1_OAEP'
- ]
-
-__revision__ = "$Id$"
-
-
diff --git a/frozen_deps/Crypto/Cipher/blockalgo.py b/frozen_deps/Crypto/Cipher/blockalgo.py
deleted file mode 100644
index dd183dc..0000000
--- a/frozen_deps/Crypto/Cipher/blockalgo.py
+++ /dev/null
@@ -1,296 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# Cipher/blockalgo.py
-#
-# ===================================================================
-# The contents of this file are dedicated to the public domain. To
-# the extent that dedication to the public domain is not available,
-# everyone is granted a worldwide, perpetual, royalty-free,
-# non-exclusive license to exercise all rights associated with the
-# contents of this file for any purpose whatsoever.
-# No rights are reserved.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-# ===================================================================
-"""Module with definitions common to all block ciphers."""
-
-import sys
-if sys.version_info[0] == 2 and sys.version_info[1] == 1:
- from Crypto.Util.py21compat import *
-from Crypto.Util.py3compat import *
-
-#: *Electronic Code Book (ECB)*.
-#: This is the simplest encryption mode. Each of the plaintext blocks
-#: is directly encrypted into a ciphertext block, independently of
-#: any other block. This mode exposes frequency of symbols
-#: in your plaintext. Other modes (e.g. *CBC*) should be used instead.
-#:
-#: See `NIST SP800-38A`_ , Section 6.1 .
-#:
-#: .. _`NIST SP800-38A` : http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
-MODE_ECB = 1
-
-#: *Cipher-Block Chaining (CBC)*. Each of the ciphertext blocks depends
-#: on the current and all previous plaintext blocks. An Initialization Vector
-#: (*IV*) is required.
-#:
-#: The *IV* is a data block to be transmitted to the receiver.
-#: The *IV* can be made public, but it must be authenticated by the receiver and
-#: it should be picked randomly.
-#:
-#: See `NIST SP800-38A`_ , Section 6.2 .
-#:
-#: .. _`NIST SP800-38A` : http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
-MODE_CBC = 2
-
-#: *Cipher FeedBack (CFB)*. This mode is similar to CBC, but it transforms
-#: the underlying block cipher into a stream cipher. Plaintext and ciphertext
-#: are processed in *segments* of **s** bits. The mode is therefore sometimes
-#: labelled **s**-bit CFB. An Initialization Vector (*IV*) is required.
-#:
-#: When encrypting, each ciphertext segment contributes to the encryption of
-#: the next plaintext segment.
-#:
-#: This *IV* is a data block to be transmitted to the receiver.
-#: The *IV* can be made public, but it should be picked randomly.
-#: Reusing the same *IV* for encryptions done with the same key lead to
-#: catastrophic cryptographic failures.
-#:
-#: See `NIST SP800-38A`_ , Section 6.3 .
-#:
-#: .. _`NIST SP800-38A` : http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
-MODE_CFB = 3
-
-#: This mode should not be used.
-MODE_PGP = 4
-
-#: *Output FeedBack (OFB)*. This mode is very similar to CBC, but it
-#: transforms the underlying block cipher into a stream cipher.
-#: The keystream is the iterated block encryption of an Initialization Vector (*IV*).
-#:
-#: The *IV* is a data block to be transmitted to the receiver.
-#: The *IV* can be made public, but it should be picked randomly.
-#:
-#: Reusing the same *IV* for encryptions done with the same key lead to
-#: catastrophic cryptograhic failures.
-#:
-#: See `NIST SP800-38A`_ , Section 6.4 .
-#:
-#: .. _`NIST SP800-38A` : http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
-MODE_OFB = 5
-
-#: *CounTeR (CTR)*. This mode is very similar to ECB, in that
-#: encryption of one block is done independently of all other blocks.
-#: Unlike ECB, the block *position* contributes to the encryption and no
-#: information leaks about symbol frequency.
-#:
-#: Each message block is associated to a *counter* which must be unique
-#: across all messages that get encrypted with the same key (not just within
-#: the same message). The counter is as big as the block size.
-#:
-#: Counters can be generated in several ways. The most straightword one is
-#: to choose an *initial counter block* (which can be made public, similarly
-#: to the *IV* for the other modes) and increment its lowest **m** bits by
-#: one (modulo *2^m*) for each block. In most cases, **m** is chosen to be half
-#: the block size.
-#:
-#: Reusing the same *initial counter block* for encryptions done with the same
-#: key lead to catastrophic cryptograhic failures.
-#:
-#: See `NIST SP800-38A`_ , Section 6.5 (for the mode) and Appendix B (for how
-#: to manage the *initial counter block*).
-#:
-#: .. _`NIST SP800-38A` : http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
-MODE_CTR = 6
-
-#: OpenPGP. This mode is a variant of CFB, and it is only used in PGP and OpenPGP_ applications.
-#: An Initialization Vector (*IV*) is required.
-#:
-#: Unlike CFB, the IV is not transmitted to the receiver. Instead, the *encrypted* IV is.
-#: The IV is a random data block. Two of its bytes are duplicated to act as a checksum
-#: for the correctness of the key. The encrypted IV is therefore 2 bytes longer than
-#: the clean IV.
-#:
-#: .. _OpenPGP: http://tools.ietf.org/html/rfc4880
-MODE_OPENPGP = 7
-
-def _getParameter(name, index, args, kwargs, default=None):
- """Find a parameter in tuple and dictionary arguments a function receives"""
- param = kwargs.get(name)
- if len(args)>index:
- if param:
- raise ValueError("Parameter '%s' is specified twice" % name)
- param = args[index]
- return param or default
-
-class BlockAlgo:
- """Class modelling an abstract block cipher."""
-
- def __init__(self, factory, key, *args, **kwargs):
- self.mode = _getParameter('mode', 0, args, kwargs, default=MODE_ECB)
- self.block_size = factory.block_size
-
- if self.mode != MODE_OPENPGP:
- self._cipher = factory.new(key, *args, **kwargs)
- self.IV = self._cipher.IV
- else:
- # OPENPGP mode. For details, see 13.9 in RCC4880.
- #
- # A few members are specifically created for this mode:
- # - _encrypted_iv, set in this constructor
- # - _done_first_block, set to True after the first encryption
- # - _done_last_block, set to True after a partial block is processed
-
- self._done_first_block = False
- self._done_last_block = False
- self.IV = _getParameter('iv', 1, args, kwargs)
- if not self.IV:
- raise ValueError("MODE_OPENPGP requires an IV")
-
- # Instantiate a temporary cipher to process the IV
- IV_cipher = factory.new(key, MODE_CFB,
- b('\x00')*self.block_size, # IV for CFB
- segment_size=self.block_size*8)
-
- # The cipher will be used for...
- if len(self.IV) == self.block_size:
- # ... encryption
- self._encrypted_IV = IV_cipher.encrypt(
- self.IV + self.IV[-2:] + # Plaintext
- b('\x00')*(self.block_size-2) # Padding
- )[:self.block_size+2]
- elif len(self.IV) == self.block_size+2:
- # ... decryption
- self._encrypted_IV = self.IV
- self.IV = IV_cipher.decrypt(self.IV + # Ciphertext
- b('\x00')*(self.block_size-2) # Padding
- )[:self.block_size+2]
- if self.IV[-2:] != self.IV[-4:-2]:
- raise ValueError("Failed integrity check for OPENPGP IV")
- self.IV = self.IV[:-2]
- else:
- raise ValueError("Length of IV must be %d or %d bytes for MODE_OPENPGP"
- % (self.block_size, self.block_size+2))
-
- # Instantiate the cipher for the real PGP data
- self._cipher = factory.new(key, MODE_CFB,
- self._encrypted_IV[-self.block_size:],
- segment_size=self.block_size*8)
-
- def encrypt(self, plaintext):
- """Encrypt data with the key and the parameters set at initialization.
-
- The cipher object is stateful; encryption of a long block
- of data can be broken up in two or more calls to `encrypt()`.
- That is, the statement:
-
- >>> c.encrypt(a) + c.encrypt(b)
-
- is always equivalent to:
-
- >>> c.encrypt(a+b)
-
- That also means that you cannot reuse an object for encrypting
- or decrypting other data with the same key.
-
- This function does not perform any padding.
-
- - For `MODE_ECB`, `MODE_CBC`, and `MODE_OFB`, *plaintext* length
- (in bytes) must be a multiple of *block_size*.
-
- - For `MODE_CFB`, *plaintext* length (in bytes) must be a multiple
- of *segment_size*/8.
-
- - For `MODE_CTR`, *plaintext* can be of any length.
-
- - For `MODE_OPENPGP`, *plaintext* must be a multiple of *block_size*,
- unless it is the last chunk of the message.
-
- :Parameters:
- plaintext : byte string
- The piece of data to encrypt.
- :Return:
- the encrypted data, as a byte string. It is as long as
- *plaintext* with one exception: when encrypting the first message
- chunk with `MODE_OPENPGP`, the encypted IV is prepended to the
- returned ciphertext.
- """
-
- if self.mode == MODE_OPENPGP:
- padding_length = (self.block_size - len(plaintext) % self.block_size) % self.block_size
- if padding_length>0:
- # CFB mode requires ciphertext to have length multiple of block size,
- # but PGP mode allows the last block to be shorter
- if self._done_last_block:
- raise ValueError("Only the last chunk is allowed to have length not multiple of %d bytes",
- self.block_size)
- self._done_last_block = True
- padded = plaintext + b('\x00')*padding_length
- res = self._cipher.encrypt(padded)[:len(plaintext)]
- else:
- res = self._cipher.encrypt(plaintext)
- if not self._done_first_block:
- res = self._encrypted_IV + res
- self._done_first_block = True
- return res
-
- return self._cipher.encrypt(plaintext)
-
- def decrypt(self, ciphertext):
- """Decrypt data with the key and the parameters set at initialization.
-
- The cipher object is stateful; decryption of a long block
- of data can be broken up in two or more calls to `decrypt()`.
- That is, the statement:
-
- >>> c.decrypt(a) + c.decrypt(b)
-
- is always equivalent to:
-
- >>> c.decrypt(a+b)
-
- That also means that you cannot reuse an object for encrypting
- or decrypting other data with the same key.
-
- This function does not perform any padding.
-
- - For `MODE_ECB`, `MODE_CBC`, and `MODE_OFB`, *ciphertext* length
- (in bytes) must be a multiple of *block_size*.
-
- - For `MODE_CFB`, *ciphertext* length (in bytes) must be a multiple
- of *segment_size*/8.
-
- - For `MODE_CTR`, *ciphertext* can be of any length.
-
- - For `MODE_OPENPGP`, *plaintext* must be a multiple of *block_size*,
- unless it is the last chunk of the message.
-
- :Parameters:
- ciphertext : byte string
- The piece of data to decrypt.
- :Return: the decrypted data (byte string, as long as *ciphertext*).
- """
- if self.mode == MODE_OPENPGP:
- padding_length = (self.block_size - len(ciphertext) % self.block_size) % self.block_size
- if padding_length>0:
- # CFB mode requires ciphertext to have length multiple of block size,
- # but PGP mode allows the last block to be shorter
- if self._done_last_block:
- raise ValueError("Only the last chunk is allowed to have length not multiple of %d bytes",
- self.block_size)
- self._done_last_block = True
- padded = ciphertext + b('\x00')*padding_length
- res = self._cipher.decrypt(padded)[:len(ciphertext)]
- else:
- res = self._cipher.decrypt(ciphertext)
- return res
-
- return self._cipher.decrypt(ciphertext)
-