delta/python-packages/pycrypto.git/lib/Crypto/SelfTest/Protocol/test_KDF.py, branch master

Rename S2V -> _S2V until we come up with a real PRF API

2013-10-21T00:48:54+00:00

Add support for SIV (Synthetic IV) mode

2013-10-20T20:30:21+00:00

This patch add supports for SIV, an AEAD block cipher
mode defined in RFC5297. SIV is only valid for AES.

The PRF of SIV (S2V) is factored out in the Protocol.KDF module.

See the following example to get a feeling of the API (slightly
different than other AEAD mode, during decryption).

Encryption (Python 2):

	>>> from Crypto.Cipher import AES
	>>> key = b'0'*32
	>>> siv = AES.new(key, AES.MODE_SIV)
	>>> ct  = siv.encrypt(b'Message')
	>>> mac = siv.digest()

Decryption (Python 2):

	>>> from Crypto.Cipher import AES, MacMismatchError
	>>> key = b'0'*32
	>>> siv = AES.new(key, AES.MODE_SIV)
	>>> pt  = siv.decrypt(ct + mac)
	>>> try:
	>>>	siv.verify(mac)
	>>>	print "Plaintext", pt
	>>> except MacMismatchError:
	>>>     print "Error"

This change also fixes the description/design of AEAD API.

With SIV (RFC5297), decryption can only start when the MAC is known.
The original AEAD API did not support that.

For SIV the MAC is now exceptionally passed together with the ciphertext
to the decrypt() method.

[dlitz@dlitz.net: Included changes from the following commits from the author's pull request:]
- [9c13f9c] Rename 'IV' parameter to 'nonce' for AEAD modes.
- [d7727fb] Fix description/design of AEAD API.
- [fb62fae] ApiUsageError becomes TypeError [whitespace]
- [4ec64d8] Removed last references to ApiUsageError [whitespace]
- [ee46922] Removed most 'import *' statements
- [ca460a7] Made blockalgo.py more PEP-8 compliant;
            The second parameter of the _GHASH constructor
            is now the length of the block (block_size)
            and not the full module.
[dlitz@dlitz.net: A conflict that was not resolved in the previous
                  commit was originally resolved here.  Moved the
                  resolution to the previous commit.]
[dlitz@dlitz.net: Replaced MacMismatchError with ValueError]
[dlitz@dlitz.net: Replaced ApiUsageError with TypeError]
[dlitz@dlitz.net: Whitespace fixed with "git rebase --whitespace=fix"]

Removed most 'import *' statements

2013-10-20T20:30:21+00:00

[dlitz@dlitz.net: Re-ordered commits; so don't import S2V yet]
[dlitz@dlitz.net: Included an additional 'import *' change from the following commit:]
    commit 4ec64d8eaaa4965889eb8e3b801fc77aa84e0a4e
    Author: Legrandin 
    Date:   Tue Sep 10 07:28:08 2013 +0200

        Removed last references to ApiUsageError

[dlitz@dlitz.net: Removed unrelated whitespace changes]

whitespace changes (pre-AEAD)

2013-10-20T20:30:21+00:00

[dlitz@dlitz.net: Whitespace changes extracted from the author's pull request:]
- [9c13f9c] Rename 'IV' parameter to 'nonce' for AEAD modes.
- [4ec64d8] Removed last references to ApiUsageError
- [ee46922] Removed most 'import *' statements

Hash: Rename SHA->SHA1 and RIPEMD->RIPEMD160 (1/2)

2013-02-17T00:20:23+00:00

These algorithm names were confusing, because there are actually
algorithms called "SHA" (a.k.a. SHA-0) and "RIPEMD" (the original
version).

This commit just renames the modules, with no backward-compatibility
support.

Re-enable (accidentally?) disabled PBKDF2 tests

2012-01-13T15:01:17+00:00

These were disabled in commit 897b75983c31a9e2630af92161e6206c2480685e

Merged from upstream (py3k support) and modified so that all unit tests pass.

2011-10-18T21:20:26+00:00

Added Lorenz Quack's native C implementation of all SHA-2 algorithm

2011-10-16T20:41:21+00:00

(as submitted here https://bugs.launchpad.net/pycrypto/+bug/544792)
so that they are available also in Python 2.1, 2.2, 2.3 and 2.4.

Regardless where the implementation comes from (Python standard
library or our native modules, depending on the Python version),
all Crypto.Hash objects are always used as front-ends.

Add new module Crypto.Protocol.KDF with two PKCS#5 key derivation algorithms.

2011-09-22T18:51:46+00:00