Merge d5aadd9 into 92ae06b

.travis.yml

@@ -1,17 +1,16 @@
 language:
   python
 python:
-  - 2.6
   - 2.7
   - 3.3
+  - 3.6
 install:
-  - pip install -e .
-  - if [[ $TRAVIS_PYTHON_VERSION == '2.6' ]]; then pip install unittest2; fi
+  - pip install -r requirements.txt
 script:
   nosetests --verbose
 notifications:
   email:
-    - filippo.valsorda@gmail.com
+    - max@keybase.io
 after_success:
   - pip install coveralls
   - coverage run --source=triplesec setup.py -q nosetests

README.rst

@@ -80,6 +80,13 @@ API
 
 Sphinx documentation coming soon.
 
+Changes in 0.5
+-----------------------
+For message authentication, the Triplesec spec uses the Keccak SHA3 proposal function for versions 1 through 3, but for some time, this library used the standardized SHA3-512 function instead. Thus, the Python implementation for versions 1 through 3 is incompatible with the JavaScript and Golang implementations.
+From version 4 and going forward, the spec will use only the standardized SHA3-512 function (provided, for example, by `hashlib` in Python), and the Python, JavaScript, and Golang implementations will be compatible.
+
+Additionally, invocations that do not specify a version will now use version 4 by default, which is incompatible with previous versions.
+
 Example
 -------
 

requirements.txt

@@ -0,0 +1,6 @@
+pycryptodome
+scrypt
+six
+pysha3
+twofish
+salsa20

setup.py

@@ -26,10 +26,10 @@
 
 setup(
     name = 'TripleSec',
-    version = '0.4',
+    version = '0.5',
     description = 'a Python implementation of TripleSec',
-    author = 'Filippo Valsorda',
-    author_email = 'filippo.valsorda@gmail.com',
+    author = 'Keybase',
+    author_email = 'max@keybase.io',
     url = 'http://github.com/keybase/python-triplesec',
     packages = ['triplesec'],
     license = 'BSD-new',
@@ -41,7 +41,7 @@
                    'Topic :: Security :: Cryptography',
                    'Topic :: Software Development :: Libraries'],
     long_description = open('README.rst').read(),
-    install_requires = ["pycrypto",
+    install_requires = ["pycryptodome",
                         "scrypt",
                         "six",
                         "pysha3",

tox.ini

@@ -1,5 +1,5 @@
 [tox]
-envlist = py26,py27,py33
+envlist = py27,py33,py36
 
 [testenv]
 deps =

triplesec/__init__.py

@@ -31,7 +31,7 @@
 
 ### MAIN CLASS
 class TripleSec():
-    LATEST_VERSION = 3
+    LATEST_VERSION = max(VERSIONS.keys())
     MAGIC_BYTES = MAGIC_BYTES
 
     VERSIONS = VERSIONS

triplesec/crypto.py

@@ -32,6 +32,25 @@ def validate_key_size(key, key_size, algorithm):
         raise TripleSecFailedAssertion(u"Wrong {algo} key size"
                                        .format(algo=algorithm))
 
+def check_and_increment_counter(ctr):
+    # This function is adapted from pycryptodome's source code at
+    # https://github.com/Legrandin/pycryptodome/blob/39626a5b01ce5c1cf51d022be166ad0aea722177/lib/Crypto/Cipher/_mode_ctr.py#L366
+    counter_len = ctr["counter_len"]
+    prefix = ctr["prefix"]
+    suffix = ctr["suffix"]
+    initial_value = ctr["initial_value"]
+    little_endian = ctr["little_endian"]
+    words = []
+    while initial_value > 0:
+        words.append(struct.pack('B', initial_value & 255))
+        initial_value >>= 8
+    words += [ b'\x00' ] * max(0, counter_len - len(words))
+    if not little_endian:
+        words.reverse()
+    counter_block = prefix + b"".join(words) + suffix
+    ctr["initial_value"] += 1
+    return counter_block
+
 class BlockCipher(object):
 
     @classmethod
@@ -86,7 +105,7 @@ def _gen_keystream(cls, length, tfish, ctr):
         req_blocks = length // cls.block_size + 1
         keystream = b''
         for _ in range(req_blocks):
-            keystream += tfish.encrypt(ctr())
+            keystream += tfish.encrypt(check_and_increment_counter(ctr))
         return keystream[:length]
 
     @classmethod

triplesec/test/test.py

@@ -24,6 +24,7 @@
 
 # A generic vector for various tests
 VECTOR = vectors[0]
+assert 'disabled' not in VECTOR
 
 
 class TripleSec_tests(unittest.TestCase):
@@ -127,24 +128,6 @@ def test_tampered_data(self):
         c = c[:-2] + six.int2byte(six.indexbytes(c, -2) ^ 25) + six.int2byte(six.indexbytes(c, -1))
         self.assertRaisesRegexp(TripleSecError, regex, lambda: triplesec.decrypt(c, VECTOR['key']))
 
-    def test_chi_squared(self):
-        pass  # TODO
-
-    def test_randomness(self):
-        pass  # TODO
-
-    def test_randomness_of_ciphertext(self):
-        pass  # TODO
-
-    def test_signatures_v1(self):
-        inp = unhex('1c94d7de000000019f1d6915ca8035e207292f3f4f88237da9876505dee100dfbda9fd1cd278d3590840109465e5ed347fdeb6fc2ca8c25fa5cf6e317d977f6c5209f46c30055f5c531c')
-        key = unhex('1ee5eec12cfbf3cc311b855ddfddf913cff40b3a7dce058c4e46b5ba9026ba971a973144cbf180ceca7d35e1600048d414f7d5399b4ae46732c34d898fa68fbb0dbcea10d84201734e83c824d0f66207cf6f1b6a2ba13b9285329707facbc060')
-        out = unhex('aa761d7d39c1503e3f4601f1e331787dca67794357650d76f6408fb9ea37f9eede1f45fcc741a3ec06e9d23be97eb1fbbcbe64bc6b2c010827469a8a0abbb008b11effefe95ddd558026dd2ce83838d7a087e71d8a98e5cbee59f9f788e99dbe7f9032912a4384af760c56da8d7a40ab057796ded052be17a69a6d14e703a621')
-
-        version = TripleSec.VERSIONS[1]
-
-        self.assertEqual(out, b''.join(TripleSec._generate_macs(inp, [key[:48], key[48:]], version)))
-
     def test_ciphers(self):
         s = triplesec.rndfile.read(100)
         k = triplesec.rndfile.read(32)