diff options
Diffstat (limited to 'docs/development')
| -rw-r--r-- | docs/development/custom-vectors/seed.rst | 30 | ||||
| -rw-r--r-- | docs/development/custom-vectors/seed/generate_seed.py | 57 | ||||
| -rw-r--r-- | docs/development/custom-vectors/seed/verify_seed.py | 35 | ||||
| -rw-r--r-- | docs/development/test-vectors.rst | 3 |
4 files changed, 125 insertions, 0 deletions
diff --git a/docs/development/custom-vectors/seed.rst b/docs/development/custom-vectors/seed.rst new file mode 100644 index 00000000..e8fda542 --- /dev/null +++ b/docs/development/custom-vectors/seed.rst @@ -0,0 +1,30 @@ +SEED vector creation +===================== + +This page documents the code that was used to generate the SEED CFB and OFB +test vectors as well as the code used to verify them against another +implementation. For SEED the vectors were generated using OpenSSL and verified +with `Botan`_. + +Creation +-------- + +``cryptography`` was modified to support SEED in CFB and OFB modes. Then +the following python script was run to generate the vector files. + +.. literalinclude:: /development/custom-vectors/seed/generate_seed.py + +Download link: :download:`generate_seed.py </development/custom-vectors/seed/generate_seed.py>` + + +Verification +------------ + +The following python code was used to verify the vectors using the `Botan`_ +project's Python bindings. + +.. literalinclude:: /development/custom-vectors/seed/verify_seed.py + +Download link: :download:`verify_seed.py </development/custom-vectors/seed/verify_seed.py>` + +.. _`Botan`: http://botan.randombit.net diff --git a/docs/development/custom-vectors/seed/generate_seed.py b/docs/development/custom-vectors/seed/generate_seed.py new file mode 100644 index 00000000..d59597fd --- /dev/null +++ b/docs/development/custom-vectors/seed/generate_seed.py @@ -0,0 +1,57 @@ +import binascii + +from cryptography.hazmat.backends.openssl.backend import backend +from cryptography.hazmat.primitives.ciphers import algorithms, base, modes + + +def encrypt(mode, key, iv, plaintext): + cipher = base.Cipher( + algorithms.SEED(binascii.unhexlify(key)), + mode(binascii.unhexlify(iv)), + backend + ) + encryptor = cipher.encryptor() + ct = encryptor.update(binascii.unhexlify(plaintext)) + ct += encryptor.finalize() + return binascii.hexlify(ct) + + +def build_vectors(mode, filename): + with open(filename, "r") as f: + vector_file = f.read().splitlines() + + count = 0 + output = [] + key = None + iv = None + plaintext = None + for line in vector_file: + line = line.strip() + if line.startswith("KEY"): + if count != 0: + output.append("CIPHERTEXT = {0}".format( + encrypt(mode, key, iv, plaintext)) + ) + output.append("\nCOUNT = {0}".format(count)) + count += 1 + name, key = line.split(" = ") + output.append("KEY = {0}".format(key)) + elif line.startswith("IV"): + name, iv = line.split(" = ") + output.append("IV = {0}".format(iv)) + elif line.startswith("PLAINTEXT"): + name, plaintext = line.split(" = ") + output.append("PLAINTEXT = {0}".format(plaintext)) + + output.append("CIPHERTEXT = {0}".format(encrypt(mode, key, iv, plaintext))) + return "\n".join(output) + + +def write_file(data, filename): + with open(filename, "w") as f: + f.write(data) + +OFB_PATH = "vectors/cryptography_vectors/ciphers/AES/OFB/OFBMMT128.rsp" +write_file(build_vectors(modes.OFB, OFB_PATH), "seed-ofb.txt") +CFB_PATH = "vectors/cryptography_vectors/ciphers/AES/CFB/CFB128MMT128.rsp" +write_file(build_vectors(modes.CFB, CFB_PATH), "seed-cfb.txt") diff --git a/docs/development/custom-vectors/seed/verify_seed.py b/docs/development/custom-vectors/seed/verify_seed.py new file mode 100644 index 00000000..e626428c --- /dev/null +++ b/docs/development/custom-vectors/seed/verify_seed.py @@ -0,0 +1,35 @@ +import binascii + +import botan + +from tests.utils import load_nist_vectors + + +def encrypt(mode, key, iv, plaintext): + encryptor = botan.Cipher("SEED/{0}/NoPadding".format(mode), "encrypt", + binascii.unhexlify(key)) + + cipher_text = encryptor.cipher(binascii.unhexlify(plaintext), + binascii.unhexlify(iv)) + return binascii.hexlify(cipher_text) + + +def verify_vectors(mode, filename): + with open(filename, "r") as f: + vector_file = f.read().splitlines() + + vectors = load_nist_vectors(vector_file) + for vector in vectors: + ct = encrypt( + mode, + vector["key"], + vector["iv"], + vector["plaintext"] + ) + assert ct == vector["ciphertext"] + + +ofb_path = "vectors/cryptography_vectors/ciphers/SEED/seed-ofb.txt" +verify_vectors("OFB", ofb_path) +cfb_path = "vectors/cryptography_vectors/ciphers/SEED/seed-cfb.txt" +verify_vectors("CFB", cfb_path) diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index d2e9548b..a1692c19 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -79,6 +79,8 @@ Symmetric ciphers See: :doc:`/development/custom-vectors/idea` * SEED (ECB) from :rfc:`4269`. * SEED (CBC) from :rfc:`4196`. +* SEED (CFB, OFB) generated by this project. + See: :doc:`/development/custom-vectors/seed` Two factor authentication ~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -98,6 +100,7 @@ its own using existing vectors as source material. Current custom vectors: custom-vectors/cast5 custom-vectors/idea + custom-vectors/seed If official test vectors appear in the future the custom generated vectors should be discarded. |