From 5d7ab24c513fb43a604ad23b23d040a53069c4db Mon Sep 17 00:00:00 2001
From: Legrandin
Date: Tue, 28 May 2013 23:57:56 +0200
Subject: Add support for GCM mode (AES only).

The main change done by this commit is adding support for MODE_GCM (NIST SP 800 38D). Test vectors are included.

The mode uses a C extension (Crypto.Util.galois._ghash) to compute the GHASH step. The C implementation is the most basic one and it is still significantly (5x times) slower than CTR. Optimizations can be introduced using tables (CPU/memory trade-off) or even AES NI instructions on newer x86 CPUs.

This patch also simplifies Crypto.Cipher.blockalgo.py by:

* removing duplicated code previously shared by digest() and verify().
* removing duplicated code previously shared by Crypto.Hash.CMAC and Crypto.Cipher.block_algo (management of internal buffers for MACs that can only operate on block aligned data, like CMAC, CBCMAC, and now also GHASH).

[dlitz@dlitz.net: Included changes from the following commits from the author's pull request:]
- [9c13f9c] Rename 'IV' parameter to 'nonce' for AEAD modes.
- [ca460a7] Made blockalgo.py more PEP-8 compliant; The second parameter of the _GHASH constructor is now the length of the block (block_size) and not the full module.

[dlitz@dlitz.net: Replaced MacMismatchError with ValueError]
[dlitz@dlitz.net: Replaced ApiUsageError with TypeError]
[dlitz@dlitz.net: Replaced renamed variable `ht` with original `h`]
[dlitz@dlitz.net: Whitespace fixed with "git rebase --whitespace=fix"]
---
 setup.py | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'setup.py')

diff --git a/setup.py b/setup.py index ba0cc0d..6e43122 100644 --- a/setup.py +++ b/setup.py @@ -477,6 +477,9 @@ kw = {'name':"pycrypto", Extension("Crypto.Util.cpuid", include_dirs=['src/'], sources=['src/cpuid.c']), + Extension("Crypto.Util.galois", + include_dirs=['src/'], + sources=['src/galois.c']), # Counter modules Extension("Crypto.Util._counter", -- cgit v1.2.1
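Review bot: the added Extension("Crypto.Util.galois", include_dirs=['src/'], sources=['src/galois.c']) entry, placed between the cpuid extension and the "# Counter modules" block, makes GHASH and therefore MODE_GCM depend on src/galois.c compiling, and since this diff is limited to setup.py nothing here shows a fallback or an error path for builds where the extension is missing; please state in the commit message or the module docstring that GCM requires the compiled extension, or wire up a fallback. The commit message also describes src/galois.c as "the most basic" implementation and proposes table-based optimisation as the next step; before that is taken up, the source should document whether the bit-serial loop uses data-dependent branches, because table lookups indexed by bits of the secret subkey H are observable through cache timing, so the basic loop is preferably written with masks and any table-driven variant should not silently become the default.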
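The commit message describes the new C extension as computing the GHASH step of GCM with the most basic GF(2^128) multiplication. As an added example, not code from this commit or from PyCrypto, the block below writes that step in pure Python straight from NIST SP 800-38D: Algorithm 1 for the field multiplication, the padding and length-block layout of section 6.4 for GHASH, and the final tag as GHASH xor AES_K(J0). The names gf128_mul, ghash and gcm_tag are this example's own. The AES outputs it needs (the hash subkey H, one ciphertext block and AES_K(J0)) are embedded as constants from the well-known GCM test case 2 (all-zero 128-bit key, all-zero 96-bit IV, one all-zero plaintext block) so that it runs without an AES library; the AES computations themselves are not reproduced.

```python
# Added example: GHASH and the GCM tag per NIST SP 800-38D, in pure Python.
# Not code from this commit or from PyCrypto; it illustrates the step that the
# commit message says src/galois.c implements.

MASK128 = (1 << 128) - 1
# Reduction constant R = 11100001 || 0^120 (SP 800-38D, section 6.3).
R = 0xE1 << 120


def gf128_mul(x: int, y: int) -> int:
    """Multiply two GF(2^128) elements with Algorithm 1 of SP 800-38D.

    Blocks are 16 bytes interpreted big-endian, so GCM's bit x_0 is the most
    significant bit of the integer. The conditional steps use masks instead of
    branches to show the shape a constant-time C loop should have; Python's
    big-integer arithmetic is itself not constant time, so this is a model only.
    """
    z = 0
    v = y
    for i in range(127, -1, -1):               # x_0 (MSB) is processed first
        bit = (x >> i) & 1
        z ^= v & (-bit & MASK128)              # z ^= v  iff bit == 1
        lsb = v & 1
        v = (v >> 1) ^ (R & (-lsb & MASK128))  # shift right, reduce iff LSB was 1
    return z


def _blocks(data: bytes):
    """Yield 16-byte blocks of data as integers, zero-padding the last one."""
    for i in range(0, len(data), 16):
        yield int.from_bytes(data[i:i + 16].ljust(16, b"\x00"), "big")


def ghash(h: bytes, aad: bytes, ciphertext: bytes) -> bytes:
    """GHASH_H(A || 0^v || C || 0^u || [len(A)]64 || [len(C)]64), section 6.4."""
    h_int = int.from_bytes(h, "big")
    length_block = (len(aad) * 8).to_bytes(8, "big") + (len(ciphertext) * 8).to_bytes(8, "big")
    y = 0
    for block in (*_blocks(aad), *_blocks(ciphertext), *_blocks(length_block)):
        y = gf128_mul(y ^ block, h_int)        # Y_i = (Y_{i-1} xor X_i) . H
    return y.to_bytes(16, "big")


def gcm_tag(h: bytes, ek_j0: bytes, aad: bytes, ciphertext: bytes) -> bytes:
    """Full 128-bit tag: T = GHASH_H(A, C) xor AES_K(J0)."""
    return bytes(a ^ b for a, b in zip(ghash(h, aad, ciphertext), ek_j0))


# Constants from GCM test case 2 (AES-128, zero key, zero 96-bit IV, one zero
# plaintext block). These are AES outputs and are embedded here, as constructed
# inputs for the example, so that no AES implementation is needed.
H_TEST = bytes.fromhex("66e94bd4ef8a2c3b884cfa59ca342b2e")      # AES_K(0^128)
C_TEST = bytes.fromhex("0388dace60b6a392f328c2b971b2fe78")      # ciphertext block
EK_J0_TEST = bytes.fromhex("58e2fccefa7e3061367f1d57a4e7455a")  # AES_K(IV || 0^31 || 1)


if __name__ == "__main__":
    print("GHASH_H(A=empty, C):", ghash(H_TEST, b"", C_TEST).hex())
    print("tag:                ", gcm_tag(H_TEST, EK_J0_TEST, b"", C_TEST).hex())
```

The loop in gf128_mul is the bit-serial form the commit message calls the most basic one: 128 shift-and-conditional-xor steps per block with no precomputed tables. Multiplying by H on every block is the only work GHASH does, which is why a table of multiples of H speeds it up so much; the trade-off the commit message mentions is memory, and in C also the cache-timing exposure of lookups indexed by secret data.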