Merge pull request #104 from reaperhulk/ctr-support

AES Counter support
pyca · Oct 17, 2013 · b8f6a36 · b8f6a36
2 parents 169dee8 + 89b3dd3
commit b8f6a36
Show file tree

Hide file tree

Showing 8 changed files with 59 additions and 0 deletions.
diff --git a/cryptography/bindings/openssl/api.py b/cryptography/bindings/openssl/api.py
@@ -103,6 +103,8 @@ def create_block_cipher_context(self, cipher, mode):
         assert evp_cipher != self.ffi.NULL
         if isinstance(mode, interfaces.ModeWithInitializationVector):
             iv_nonce = mode.initialization_vector
+        elif isinstance(mode, interfaces.ModeWithNonce):
+            iv_nonce = mode.nonce
         else:
             iv_nonce = self.ffi.NULL
 

diff --git a/cryptography/primitives/block/modes.py b/cryptography/primitives/block/modes.py
@@ -44,6 +44,15 @@ def __init__(self, initialization_vector):
         self.initialization_vector = initialization_vector
 
 
+class CTR(object):
+    name = "CTR"
+
+    def __init__(self, nonce):
+        super(CTR, self).__init__()
+        self.nonce = nonce
+
+
 interfaces.ModeWithInitializationVector.register(CBC)
 interfaces.ModeWithInitializationVector.register(OFB)
 interfaces.ModeWithInitializationVector.register(CFB)
+interfaces.ModeWithNonce.register(CTR)
diff --git a/cryptography/primitives/interfaces.py b/cryptography/primitives/interfaces.py
@@ -20,3 +20,7 @@
 
 class ModeWithInitializationVector(six.with_metaclass(abc.ABCMeta)):
     pass
+
+
+class ModeWithNonce(six.with_metaclass(abc.ABCMeta)):
+    pass
diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst
@@ -77,6 +77,25 @@ Modes
                                         reuse an ``initialization_vector`` with
                                         a given ``key``.
 
+
+.. class:: cryptography.primitives.block.modes.CTR(nonce)
+
+    .. warning::
+
+        Counter mode is not recommended for use with block ciphers that have a
+        block size of less than 128-bits.
+
+    CTR (Counter) is a mode of operation for block ciphers. It is considered
+    cryptographically strong.
+
+    :param bytes nonce: Should be random bytes. It is critical to never reuse a
+                        ``nonce`` with a given key.  Any reuse of a nonce
+                        with the same key compromises the security of every
+                        message encrypted with that key. Must be the same
+                        number of bytes as the ``block_size`` of the cipher
+                        with a given key. The nonce does not need to be kept
+                        secret and may be included alongside the ciphertext.
+
 .. class:: cryptography.primitives.block.modes.OFB(initialization_vector)
 
     OFB (Output Feedback) is a mode of operation for block ciphers. It

diff --git a/tests/primitives/test_openssl_vectors.py b/tests/primitives/test_openssl_vectors.py
@@ -59,3 +59,15 @@ class TestCamelliaCFB(object):
         only_if=lambda api: api.supports_cipher("camellia-128-cfb"),
         skip_message="Does not support Camellia CFB",
     )
+
+
+class TestAESCTR(object):
+    test_OpenSSL = generate_encrypt_test(
+        load_openssl_vectors_from_file,
+        "AES",
+        ["aes-128-ctr.txt", "aes-192-ctr.txt", "aes-256-ctr.txt"],
+        lambda key, iv: ciphers.AES(binascii.unhexlify(key)),
+        lambda key, iv: modes.CTR(binascii.unhexlify(iv)),
+        only_if=lambda api: api.supports_cipher("aes-128-ctr"),
+        skip_message="Does not support AES CTR",
+    )
diff --git a/tests/primitives/vectors/OpenSSL/AES/aes-128-ctr.txt b/tests/primitives/vectors/OpenSSL/AES/aes-128-ctr.txt
@@ -0,0 +1,4 @@
+# AES Counter test vectors from RFC3686
+aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1
+aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1
+aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1
diff --git a/tests/primitives/vectors/OpenSSL/AES/aes-192-ctr.txt b/tests/primitives/vectors/OpenSSL/AES/aes-192-ctr.txt
@@ -0,0 +1,4 @@
+# AES Counter test vectors from RFC3686
+aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1
+aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1
+aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1
diff --git a/tests/primitives/vectors/OpenSSL/AES/aes-256-ctr.txt b/tests/primitives/vectors/OpenSSL/AES/aes-256-ctr.txt
@@ -0,0 +1,5 @@
+# AES Counter test vectors from RFC3686
+aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1
+aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1
+aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1
+