5 # Setup for Catacomb/Python bindings
7 # (c) 2004 Straylight/Edgeware
10 #----- Licensing notice -----------------------------------------------------
12 # This file is part of the Python interface to Catacomb.
14 # Catacomb/Python is free software; you can redistribute it and/or modify
15 # it under the terms of the GNU General Public License as published by
16 # the Free Software Foundation; either version 2 of the License, or
17 # (at your option) any later version.
19 # Catacomb/Python is distributed in the hope that it will be useful,
20 # but WITHOUT ANY WARRANTY; without even the implied warranty of
21 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 # GNU General Public License for more details.
24 # You should have received a copy of the GNU General Public License
25 # along with Catacomb/Python; if not, write to the Free Software Foundation,
26 # Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
29 import types as _types
30 from binascii import hexlify as _hexify, unhexlify as _unhexify
31 from sys import argv as _argv
41 for i in ['MP', 'GF', 'Field',
42 'ECPt', 'ECPtCurve', 'ECCurve', 'ECInfo',
43 'DHInfo', 'BinDHInfo', 'RSAPriv', 'PrimeFilter', 'RabinMiller',
51 setattr(c, j[plen:], classmethod(b[j]))
52 for i in [gcciphers, gchashes, gcmacs]:
55 d[c.name.replace('-', '_')] = c
61 if type(a) is _types.MethodType:
63 elif type(a) not in (_types.FunctionType, staticmethod, classmethod):
69 return ByteString(_unhexify(x))
70 fromhex = staticmethod(fromhex)
74 return 'bytes(%r)' % hex(me)
75 _augment(ByteString, _tmp)
76 bytes = ByteString.fromhex
79 def negp(x): return x < 0
80 def posp(x): return x > 0
81 def zerop(x): return x == 0
82 def oddp(x): return x.testbit(0)
83 def evenp(x): return not x.testbit(0)
84 def mont(x): return MPMont(x)
85 def barrett(x): return MPBarrett(x)
86 def reduce(x): return MPReduce(x)
89 if x < 0: raise ValueError, 'factorial argument must be > 0'
90 return MP.product(xrange(1, x + 1))
91 factorial = staticmethod(factorial)
97 raise SyntaxError, 'junk at end of string'
101 def reduce(x): return GReduce(x)
105 def fromstring(str): return _checkend(Field.parse(str))
106 fromstring = staticmethod(fromstring)
107 _augment(Field, _tmp)
110 def __repr__(me): return '%s(%sL)' % (type(me).__name__, me.p)
111 def ec(me, a, b): return ECPrimeProjCurve(me, a, b)
112 _augment(PrimeField, _tmp)
115 def __repr__(me): return '%s(%sL)' % (type(me).__name__, hex(me.p))
116 def ec(me, a, b): return ECBinProjCurve(me, a, b)
117 _augment(BinField, _tmp)
120 def __str__(me): return str(me.value)
121 def __repr__(me): return '%s(%s)' % (repr(me.field), repr(me.value))
124 class _groupmap (object):
125 def __init__(me, map, nth):
128 me.i = [None] * (max(map.values()) + 1)
130 return '{%s}' % ', '.join(['%r: %r' % (k, me[k]) for k in me])
131 def __contains__(me, k):
133 def __getitem__(me, k):
138 def __setitem__(me, k, v):
139 raise TypeError, "immutable object"
143 return [k for k in me]
145 return [me[k] for k in me]
146 eccurves = _groupmap(_base._eccurves, ECInfo._curven)
147 primegroups = _groupmap(_base._pgroups, DHInfo._groupn)
148 bingroups = _groupmap(_base._bingroups, BinDHInfo._groupn)
152 return '%s(%r, %s, %s)' % (type(me).__name__, me.field, me.a, me.b)
154 return ecpt.frombuf(me, s)
156 return ecpt.fromraw(me, s)
158 return ECPt(me, *args)
159 _augment(ECCurve, _tmp)
163 if not me: return 'ECPt()'
164 return 'ECPt(%s, %s)' % (me.ix, me.iy)
166 if not me: return 'inf'
167 return '(%s, %s)' % (me.ix, me.iy)
172 return 'ECInfo(curve = %r, G = %r, r = %s, h = %s)' % \
173 (me.curve, me.G, me.r, me.h)
176 _augment(ECInfo, _tmp)
180 if not me: return '%r()' % (me.curve)
181 return '%r(%s, %s)' % (me.curve, me.x, me.y)
183 if not me: return 'inf'
184 return '(%s, %s)' % (me.x, me.y)
185 _augment(ECPtCurve, _tmp)
188 def __repr__(me): return 'KeySZAny(%d)' % me.default
189 def check(me, sz): return True
190 def best(me, sz): return sz
191 _augment(KeySZAny, _tmp)
195 return 'KeySZRange(%d, %d, %d, %d)' % \
196 (me.default, me.min, me.max, me.mod)
197 def check(me, sz): return me.min <= sz <= me.max and sz % me.mod == 0
199 if sz < me.min: raise ValueError, 'key too small'
200 elif sz > me.max: return me.max
201 else: return sz - (sz % me.mod)
202 _augment(KeySZRange, _tmp)
205 def __repr__(me): return 'KeySZSet(%d, %s)' % (me.default, me.set)
206 def check(me, sz): return sz in me.set
210 if found < i <= sz: found = i
211 if found < 0: raise ValueError, 'key too small'
213 _augment(KeySZSet, _tmp)
217 return '%s(p = %s, r = %s, g = %s)' % \
218 (type(me).__name__, me.p, me.r, me.g)
219 _augment(FGInfo, _tmp)
222 def group(me): return PrimeGroup(me)
223 _augment(DHInfo, _tmp)
226 def group(me): return BinGroup(me)
227 _augment(BinDHInfo, _tmp)
231 return '%s(%r)' % (type(me).__name__, me.info)
232 _augment(Group, _tmp)
236 return '%r(%r)' % (me.group, str(me))
239 class PKCS1Crypt(object):
240 def __init__(me, ep = '', rng = rand):
243 def encode(me, msg, nbits):
244 return _base._p1crypt_encode(msg, nbits, me.ep, me.rng)
245 def decode(me, ct, nbits):
246 return _base._p1crypt_decode(ct, nbits, me.ep, me.rng)
248 class PKCS1Sig(object):
249 def __init__(me, ep = '', rng = rand):
252 def encode(me, msg, nbits):
253 return _base._p1sig_encode(msg, nbits, me.ep, me.rng)
254 def decode(me, msg, sig, nbits):
255 return _base._p1sig_decode(msg, sig, nbits, me.ep, me.rng)
258 def __init__(me, mgf = sha_mgf, hash = sha, ep = '', rng = rand):
263 def encode(me, msg, nbits):
264 return _base._oaep_encode(msg, nbits, me.mgf, me.hash, me.ep, me.rng)
265 def decode(me, ct, nbits):
266 return _base._oaep_decode(ct, nbits, me.mgf, me.hash, me.ep, me.rng)
269 def __init__(me, mgf = sha_mgf, hash = sha, saltsz = None, rng = rand):
276 def encode(me, msg, nbits):
277 return _base._pss_encode(msg, nbits, me.mgf, me.hash, me.saltsz, me.rng)
278 def decode(me, msg, sig, nbits):
279 return _base._pss_decode(msg, sig, nbits,
280 me.mgf, me.hash, me.saltsz, me.rng)
283 def encrypt(me, msg, enc):
284 return me.pubop(enc.encode(msg, me.n.nbits))
285 def verify(me, msg, sig, enc):
286 if msg is None: return enc.decode(msg, me.pubop(sig), me.n.nbits)
288 x = enc.decode(msg, me.pubop(sig), me.n.nbits)
289 return x is None or x == msg
292 _augment(RSAPub, _tmp)
295 def decrypt(me, ct, enc): return enc.decode(me.privop(ct), me.n.nbits)
296 def sign(me, msg, enc): return me.privop(enc.encode(msg, me.n.nbits))
297 _augment(RSAPriv, _tmp)
300 class SophieGermainStepJump (object):
301 def pg_begin(me, ev):
302 me.lf = PrimeFilter(ev.x)
303 me.hf = me.lf.muladd(2, 1)
309 while me.lf.status == PGEN_FAIL or me.hf.status == PGEN_FAIL:
311 if me.lf.status == PGEN_ABORT or me.hf.status == PGEN_ABORT:
314 if me.lf.status == PGEN_DONE and me.hf.status == PGEN_DONE:
321 class SophieGermainStepper (SophieGermainStepJump):
322 def __init__(me, step):
329 class SophieGermainJumper (SophieGermainStepJump):
330 def __init__(me, jump):
331 me.ljump = PrimeFilter(jump);
332 me.hjump = me.ljump.muladd(2, 0)
339 SophieGermainStepJump.pg_done(me, ev)
341 class SophieGermainTester (object):
344 def pg_begin(me, ev):
345 me.lr = RabinMiller(ev.x)
346 me.hr = RabinMiller(2 * ev.x + 1)
348 lst = me.lr.test(ev.rng.range(me.lr.x))
349 if lst != PGEN_PASS and lst != PGEN_DONE:
351 rst = me.hr.test(ev.rng.range(me.hr.x))
352 if rst != PGEN_PASS and rst != PGEN_DONE:
354 if lst == PGEN_DONE and rst == PGEN_DONE:
361 class PrimeGenEventHandler (object):
362 def pg_begin(me, ev):
366 def pg_abort(me, ev):
373 class PrimitiveStepper (PrimeGenEventHandler):
379 def pg_begin(me, ev):
380 me.i = iter(smallprimes)
383 class PrimitiveTester (PrimeGenEventHandler):
384 def __init__(me, mod, hh = [], exp = None):
390 if me.exp is not None:
391 x = me.mod.exp(x, me.exp)
392 if x == 1: return PGEN_FAIL
394 if me.mod.exp(x, h) == 1: return PGEN_FAIL
398 class SimulStepper (PrimeGenEventHandler):
399 def __init__(me, mul = 2, add = 1, step = 2):
403 def _stepfn(me, step):
405 raise ValueError, 'step must be positive'
407 return lambda f: f.step(step)
408 j = PrimeFilter(step)
409 return lambda f: f.jump(j)
410 def pg_begin(me, ev):
412 me.lf = PrimeFilter(x)
413 me.hf = PrimeFilter(x * me.mul + me.add)
414 me.lstep = me._stepfn(me.step)
415 me.hstep = me._stepfn(me.step * me.mul)
416 SimulStepper._cont(me, ev)
424 while me.lf.status == PGEN_FAIL or me.hf.status == PGEN_FAIL:
426 if me.lf.status == PGEN_ABORT or me.hf.status == PGEN_ABORT:
429 if me.lf.status == PGEN_DONE and me.hf.status == PGEN_DONE:
438 class SimulTester (PrimeGenEventHandler):
439 def __init__(me, mul = 2, add = 1):
442 def pg_begin(me, ev):
444 me.lr = RabinMiller(x)
445 me.hr = RabinMiller(x * me.mul + me.add)
447 lst = me.lr.test(ev.rng.range(me.lr.x))
448 if lst != PGEN_PASS and lst != PGEN_DONE:
450 rst = me.hr.test(ev.rng.range(me.hr.x))
451 if rst != PGEN_PASS and rst != PGEN_DONE:
453 if lst == PGEN_DONE and rst == PGEN_DONE:
460 def sgprime(start, step = 2, name = 'p', event = pgen_nullev, nsteps = 0):
462 return pgen(start, name, SimulStepper(step = step), SimulTester(), event,
463 nsteps, RabinMiller.iters(start.nbits))
465 def findprimitive(mod, hh = [], exp = None, name = 'g', event = pgen_nullev):
466 return pgen(0, name, PrimitiveStepper(), PrimitiveTester(mod, hh, exp),
469 def kcdsaprime(pbits, qbits, rng = rand,
470 event = pgen_nullev, name = 'p', nsteps = 0):
471 hbits = pbits - qbits
472 h = pgen(rng.mp(hbits, 1), name + ' [h]',
473 PrimeGenStepper(2), PrimeGenTester(),
474 event, nsteps, RabinMiller.iters(hbits))
475 q = pgen(rng.mp(qbits, 1), name, SimulStepper(2 * h, 1, 2),
476 SimulTester(2 * h, 1), event, nsteps, RabinMiller.iters(qbits))
482 #----- That's all, folks ----------------------------------------------------