[Nym3-commit] r106 - trunk
nym3-devel@lists.noreply.org
nym3-devel@lists.noreply.org
Wed, 18 Aug 2004 16:45:53 +0200
Author: jr
Date: 2004-08-18 16:45:52 +0200 (Wed, 18 Aug 2004)
New Revision: 106
Added:
trunk/Crypto.py
Modified:
trunk/User.py
Log:
- implement the method of encryption (section 4.2 of nym-spec) (Crypto.py)
- adapt lioness encryption and decryption from _mixminion.Crypto to use a 16-byte key (Crypto.py)
- use nym_encrypt in blobify and store (User.py)
Added: trunk/Crypto.py
===================================================================
--- trunk/Crypto.py 2004-08-18 11:46:40 UTC (rev 105)
+++ trunk/Crypto.py 2004-08-18 14:45:52 UTC (rev 106)
@@ -0,0 +1,102 @@
+import random
+from mixminion.Packet import compressData
+import mixminion.Crypto as _cr
+import mixminion._minionlib as _ml
+
+
+DIGEST_LEN = 20
+AES_KEY_LEN = _cr.AES_KEY_LEN
+
+#stealing and adapting mixminion lioness encryption / decryption
+def lioness_encrypt(s,key):
+ """Given a 16-byte key, encrypts s using the LIONESS
+ super-pseudorandom permutation.
+ """
+
+ assert len(key) == AES_KEY_LEN
+ z15 = "\x00"*15
+ key1 = key
+ key2 = _ml.strxor(key1, z15+"\x01")
+ key3 = _ml.strxor(key1, z15+"\x02")
+ key4 = _ml.strxor(key1, z15+"\x03")
+
+ # Split the message.
+ left = s[:DIGEST_LEN]
+ right = s[DIGEST_LEN:]
+ del s
+ # Performance note: This business with sha1("".join((key,right,key)))
+ # may look slow, but it contributes only .7% to the total time for
+ # LIONESS.
+ right = _ml.aes_ctr128_crypt(
+ _ml.aes_key(_ml.sha1("".join((key1,left,key1)))[:AES_KEY_LEN]),
+ right, 0)
+ left = _ml.strxor(left, _ml.sha1("".join((key2,right,key2))))
+ right = _ml.aes_ctr128_crypt(
+ _ml.aes_key(_ml.sha1("".join((key3,left,key3)))[:AES_KEY_LEN]),
+ right, 0)
+ left = _ml.strxor(left, _ml.sha1("".join((key4,right,key4))))
+
+ # You could write the above as:
+ # right = ctr_crypt(right, "".join((key1,left,key1))[:AES_KEY_LEN])
+ # left = strxor(left, sha1("".join((key2,right,key2))))
+ # right = ctr_crypt(right, "".join((key3,left,key3))[:AES_KEY_LEN])
+ # left = strxor(left, sha1("".join((key4,right,key4))))
+ # but that would be slower by about 10%. (Since LIONESS is in the
+ # critical path, we care.)
+
+ return left + right
+
+def lioness_decrypt(s,key):
+ """Given a 16-byte key decrypts s using the LIONESS super-pseudorandom permutation.
+ """
+
+ assert len(key) == AES_KEY_LEN
+ z15 = "\x00"*15
+ key1 = key
+ key2 = _ml.strxor(key1, z15+"\x01")
+ key3 = _ml.strxor(key1, z15+"\x02")
+ key4 = _ml.strxor(key1, z15+"\x03")
+
+ left = s[:DIGEST_LEN]
+ right = s[DIGEST_LEN:]
+ del s
+
+ # Slow, comprehensible version:
+ #left = strxor(left, sha1("".join([key4,right,key4])))
+ #right = ctr_crypt(right, sha1("".join([key3,left,key3]))[:AES_KEY_LEN])
+ #left = strxor(left, sha1("".join([key2,right,key2])))
+ #right = ctr_crypt(right, sha1("".join([key1,left,key1]))[:AES_KEY_LEN])
+
+ # Equivalent-but-faster version:
+ left = _ml.strxor(left, _ml.sha1("".join((key4,right,key4))))
+ right = _ml.aes_ctr128_crypt(
+ _ml.aes_key(_ml.sha1("".join((key3,left, key3)))[:AES_KEY_LEN]),
+ right, 0)
+ left = _ml.strxor(left, _ml.sha1("".join((key2,right,key2))))
+ right = _ml.aes_ctr128_crypt(
+ _ml.aes_key(_ml.sha1("".join((key1,left, key1)))[:AES_KEY_LEN]),
+ right, 0)
+
+ return left + right
+
+
+
+
+def nym_encrypt(data, key):
+ n = nbBits(_cr.pk_get_modulus(key)) / 8
+ assert n == 128 or n == 256
+ dataC = compressData(data)
+ #we pad to a multiple of the size of the RSA key
+ paddingLen = len(dataC) - (len(dataC) / n) * n
+ if paddingLen != 0:
+ paddingLen = n - paddingLen
+ dataP = dataC + '0'*paddingLen
+ k = ""
+ for i in range(0, 16):
+ k = k + chr(random.randint(0, 255))
+ dataE = lioness_encrypt(dataP, k)
+ #42 : taille du padding introduit par OAEP
+ #16 : taille de k
+ rsaLen = n - 42 - 16
+ rsaPart = pk_encrypt(k + dataE[0:rsaLen],key)
+ return rsaPart + dataEnc[rsaLen:]
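Review bot: The session key `k` in nym_encrypt is built byte by byte from `random.randint`, which is Python's Mersenne Twister and not a cryptographic generator; since `k` protects the whole message, it should come from a CSPRNG, for example `k = _cr.getTrueRNG().getBytes(AES_KEY_LEN)` (assuming the imported mixminion version exposes that helper). The function also uses names this new file never defines or imports (`nbBits`, the unqualified `pk_encrypt`, and `dataEnc` on the return line), so it raises NameError on its first statement; the last two lines presumably should read `rsaPart = _cr.pk_encrypt(k + dataE[0:rsaLen], key)` and `return rsaPart + dataE[rsaLen:]`. The `'0'` padding records no length, so a decryptor can strip it only if the compressed stream is self-delimiting; a comment stating that assumption, or an explicit length prefix, is needed before a matching decrypt can be written. The `assert` checks on key length and modulus size vanish under `python -O`, so an explicit `raise` is safer for input that decides how much data goes into the RSA block.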
Modified: trunk/User.py
===================================================================
--- trunk/User.py 2004-08-18 11:46:40 UTC (rev 105)
+++ trunk/User.py 2004-08-18 14:45:52 UTC (rev 106)
@@ -4,6 +4,7 @@
import Config
import Common
import Mail
+import Crypto
import pickle
import string
import time
@@ -133,8 +134,7 @@
for mid, syn in l:
m.append(mid)
s = s + mid + intToStrBE(len(syn), 2) + syn
- return (m, 'encrypted', Crypto.nym_encrypt(s, self.encKey()))
- #TODO nym_encrypt and nym_decrypt
+ return (m, 'encrypted', Crypto.nym_encrypt(s, self.encKey()))
def getSyn(self, mid):
"""Retrieve a blurb consisting of the synopsis of the
@@ -293,8 +293,7 @@
self.load_index()
mid = Mail.genMid()
while self.index.has_key(mid): mid = Mail.genMid()
- self.mbox[mid] = msg # TODO : this is where we're supposed to crypt.
-
+ self.mbox[mid] = Crypto.nym_encrypt(msg,self.data['encKey'])
# store the synopsis
self.load_synbox()
self.syn.append(([mid], 'clear', syn))
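Review bot: The new line passes `self.data['encKey']` straight to nym_encrypt, while the earlier User.py hunk passes `self.encKey()`; nym_encrypt calls `_cr.pk_get_modulus(key)` on its argument, so if the stored value is a serialized key rather than a key object (not visible here) this call fails. Using the accessor in both places keeps them consistent: `self.mbox[mid] = Crypto.nym_encrypt(msg, self.encKey())`. The commit also drops the TODO that named nym_decrypt, although Crypto.py adds only nym_encrypt, so the stored ciphertext has no read path in this revision; a `# TODO: nym_decrypt` comment would keep that tracked. The enclosing method starts and ends outside the hunk.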