From 6d8f9b0273e2edfbbf5fedc5dbc5c2c427a3e3e9 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 8 Apr 2014 09:17:02 -0500 Subject: add SEED CFB/OFB bespoke vectors and documentation --- docs/development/custom-vectors/seed.rst | 30 ++++++++++++ .../custom-vectors/seed/generate_seed.py | 57 ++++++++++++++++++++++ .../development/custom-vectors/seed/verify_seed.py | 35 +++++++++++++ 3 files changed, 122 insertions(+) create mode 100644 docs/development/custom-vectors/seed.rst create mode 100644 docs/development/custom-vectors/seed/generate_seed.py create mode 100644 docs/development/custom-vectors/seed/verify_seed.py (limited to 'docs/development/custom-vectors') diff --git a/docs/development/custom-vectors/seed.rst b/docs/development/custom-vectors/seed.rst new file mode 100644 index 00000000..d26345fa --- /dev/null +++ b/docs/development/custom-vectors/seed.rst @@ -0,0 +1,30 @@ +SEED vector creation +===================== + +This page documents the code that was used to generate the SEED CFB and OFB +test vectors as well as the code used to verify them against another +implementation. For SEED the vectors were generated using OpenSSL and verified +with Botan. + +Creation +-------- + +``cryptography`` was modified to support SEED in CFB and OFB modes. Then +the following python script was run to generate the vector files. + +.. literalinclude:: /development/custom-vectors/seed/generate_seed.py + +Download link: :download:`generate_seed.py ` + + +Verification +------------ + +The following python code was used to verify the vectors using the `Botan`_ +project's Python bindings. + +.. literalinclude:: /development/custom-vectors/seed/verify_seed.py + +Download link: :download:`verify_seed.py ` + +.. _`Botan`: http://botan.randombit.net diff --git a/docs/development/custom-vectors/seed/generate_seed.py b/docs/development/custom-vectors/seed/generate_seed.py new file mode 100644 index 00000000..d59597fd --- /dev/null +++ b/docs/development/custom-vectors/seed/generate_seed.py @@ -0,0 +1,57 @@ +import binascii + +from cryptography.hazmat.backends.openssl.backend import backend +from cryptography.hazmat.primitives.ciphers import algorithms, base, modes + + +def encrypt(mode, key, iv, plaintext): + cipher = base.Cipher( + algorithms.SEED(binascii.unhexlify(key)), + mode(binascii.unhexlify(iv)), + backend + ) + encryptor = cipher.encryptor() + ct = encryptor.update(binascii.unhexlify(plaintext)) + ct += encryptor.finalize() + return binascii.hexlify(ct) + + +def build_vectors(mode, filename): + with open(filename, "r") as f: + vector_file = f.read().splitlines() + + count = 0 + output = [] + key = None + iv = None + plaintext = None + for line in vector_file: + line = line.strip() + if line.startswith("KEY"): + if count != 0: + output.append("CIPHERTEXT = {0}".format( + encrypt(mode, key, iv, plaintext)) + ) + output.append("\nCOUNT = {0}".format(count)) + count += 1 + name, key = line.split(" = ") + output.append("KEY = {0}".format(key)) + elif line.startswith("IV"): + name, iv = line.split(" = ") + output.append("IV = {0}".format(iv)) + elif line.startswith("PLAINTEXT"): + name, plaintext = line.split(" = ") + output.append("PLAINTEXT = {0}".format(plaintext)) + + output.append("CIPHERTEXT = {0}".format(encrypt(mode, key, iv, plaintext))) + return "\n".join(output) + + +def write_file(data, filename): + with open(filename, "w") as f: + f.write(data) + +OFB_PATH = "vectors/cryptography_vectors/ciphers/AES/OFB/OFBMMT128.rsp" +write_file(build_vectors(modes.OFB, OFB_PATH), "seed-ofb.txt") +CFB_PATH = "vectors/cryptography_vectors/ciphers/AES/CFB/CFB128MMT128.rsp" +write_file(build_vectors(modes.CFB, CFB_PATH), "seed-cfb.txt") diff --git a/docs/development/custom-vectors/seed/verify_seed.py b/docs/development/custom-vectors/seed/verify_seed.py new file mode 100644 index 00000000..e626428c --- /dev/null +++ b/docs/development/custom-vectors/seed/verify_seed.py @@ -0,0 +1,35 @@ +import binascii + +import botan + +from tests.utils import load_nist_vectors + + +def encrypt(mode, key, iv, plaintext): + encryptor = botan.Cipher("SEED/{0}/NoPadding".format(mode), "encrypt", + binascii.unhexlify(key)) + + cipher_text = encryptor.cipher(binascii.unhexlify(plaintext), + binascii.unhexlify(iv)) + return binascii.hexlify(cipher_text) + + +def verify_vectors(mode, filename): + with open(filename, "r") as f: + vector_file = f.read().splitlines() + + vectors = load_nist_vectors(vector_file) + for vector in vectors: + ct = encrypt( + mode, + vector["key"], + vector["iv"], + vector["plaintext"] + ) + assert ct == vector["ciphertext"] + + +ofb_path = "vectors/cryptography_vectors/ciphers/SEED/seed-ofb.txt" +verify_vectors("OFB", ofb_path) +cfb_path = "vectors/cryptography_vectors/ciphers/SEED/seed-cfb.txt" +verify_vectors("CFB", cfb_path) -- cgit v1.2.3 From 10a2fa4b517062bb3e37d4de2ba4b977e49e6cc1 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 9 Apr 2014 08:54:43 -0500 Subject: linkify another thing --- docs/development/custom-vectors/seed.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/development/custom-vectors') diff --git a/docs/development/custom-vectors/seed.rst b/docs/development/custom-vectors/seed.rst index d26345fa..e8fda542 100644 --- a/docs/development/custom-vectors/seed.rst +++ b/docs/development/custom-vectors/seed.rst @@ -4,7 +4,7 @@ SEED vector creation This page documents the code that was used to generate the SEED CFB and OFB test vectors as well as the code used to verify them against another implementation. For SEED the vectors were generated using OpenSSL and verified -with Botan. +with `Botan`_. Creation -------- -- cgit v1.2.3