Added remaining ciphers to API

2025-12-08 05:19:46 +00:00 · 2017-08-02 00:01:53 +02:00 · 2017-08-02 00:01:53 +02:00 · c24d223929
commit c24d223929
parent dbc7c7bb3d
10 changed files with 402 additions and 414 deletions
--- a/lib/Crypto/Cipher/CAST.py
+++ b/lib/Crypto/Cipher/CAST.py
@ -19,38 +19,16 @@
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 # SOFTWARE.
 # ===================================================================
-"""CAST-128 symmetric cipher
+"""
+Module's constants for the modes of operation supported with CAST:

-CAST-128_ (or CAST5) is a symmetric block cipher specified in RFC2144_.
-
-It has a fixed data block size of 8 bytes. Its key can vary in length
-from 40 to 128 bits.
-
-CAST is deemed to be cryptographically secure, but its usage is not widespread.
-Keys of sufficient length should be used to prevent brute force attacks
-(128 bits are recommended).
-
-**Use AES, not CAST. This module is only provided for legacy purposes.**
-
-As an example, encryption can be done as follows:
-
-    >>> from Crypto.Cipher import CAST
-    >>>
-    >>> key = b'Sixteen byte key'
-    >>> cipher = CAST.new(key, CAST.MODE_OPENPGP)
-    >>> plaintext = b'sona si latine loqueris '
-    >>> msg = cipher.encrypt(plaintext)
-    >>>
-    ...
-    >>> eiv = msg[:CAST.block_size+2]
-    >>> ciphertext = msg[CAST.block_size+2:]
-    >>> cipher = CAST.new(key, CAST.MODE_OPENPGP, eiv)
-    >>> print cipher.decrypt(ciphertext)
-
-.. _CAST-128: http://en.wikipedia.org/wiki/CAST-128
-.. _RFC2144: http://tools.ietf.org/html/rfc2144
-
-:undocumented: __package__
+:var MODE_ECB: Electronic Code Book (ECB)
+:var MODE_CBC: Cipher-Block Chaining (CBC)
+:var MODE_CFB: Cipher FeedBack (CFB)
+:var MODE_OFB: Output FeedBack (OFB)
+:var MODE_CTR: CounTer Mode (CTR)
+:var MODE_OPENPGP:  OpenPGP Mode
+:var MODE_EAX: EAX Mode
 """

 import sys
@ -108,95 +86,76 @@ def _create_base_cipher(dict_parameters):


 def new(key, mode, *args, **kwargs):
-    """Create a new CAST-128 cipher
+    """Create a new CAST cipher

-    :Parameters:
-      key : byte string
+    :param key:
        The secret key to use in the symmetric cipher.
-        Its length may vary from 5 to 16 bytes.
-        The recommended length is 16 bytes.
+        Its length can vary from 5 to 16 bytes.
+    :type key: byte string

-      mode : a *MODE_** constant
+    :param mode:
        The chaining mode to use for encryption or decryption.
+    :type mode: One of the supported ``MODE_*`` constants

-    :Keywords:
-      iv : byte string
-        (*Only* `MODE_CBC`, `MODE_CFB`, `MODE_OFB`, `MODE_OPENPGP`).
+    :Keyword Arguments:
+        *   *iv* (``byte string``) --
+            (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
+            and ``MODE_OPENPGP`` modes).

-        The initialization vector to use for encryption or decryption.
+            The initialization vector to use for encryption or decryption.

-        For `MODE_OPENPGP`, IV must be 8 bytes long for encryption
-        and 10 bytes for decryption (in the latter case, it is
-        actually the *encrypted* IV which was prefixed to the ciphertext).
+            For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 8 bytes long.

-        For all other modes, it must be 8 bytes long.
+            For ``MODE_OPENPGP`` mode only,
+            it must be 8 bytes long for encryption
+            and 10 bytes for decryption (in the latter case, it is
+            actually the *encrypted* IV which was prefixed to the ciphertext).

-        If not provided, a random byte string will be generated (you can
-        read it back via the ``iv`` attribute).
+            If not provided, a random byte string is generated (you must then
+            read its value with the :attr:`iv` attribute).

-      nonce : byte string
-        (*Only* `MODE_EAX` and `MODE_CTR`)
-        A mandatory value that must never be reused for any other encryption.
+        *   *nonce* (``byte string``) --
+            (Only applicable for ``MODE_EAX`` and ``MODE_CTR``).

-        For `MODE_CTR`, its length must be in the range ``[0..7]``.
+            A value that must never be reused for any other encryption done
+            with this key.

-        For `MODE_EAX`, there are no restrictions, but it is recommended to
-        use at least 16 bytes.
+            For ``MODE_EAX`` there are no
+            restrictions on its length (recommended: **16** bytes).

-        If not provided for `MODE_EAX`, a random 16 byte string will be
-        generated (you can read it back via the ``nonce`` attribute).
+            For ``MODE_CTR``, its length must be in the range **[0..7]**.

-      mac_len : integer
-        (*Only* `MODE_EAX`). Length of the authentication tag, in bytes.
-        It must be no larger than 8 (which is the default).
+            If not provided for ``MODE_EAX``, a random byte string is generated (you
+            can read it back via the ``nonce`` attribute).

-      segment_size : integer
-        (*Only* `MODE_CFB`).The number of **bits** the plaintext and ciphertext
-        are segmented in. It must be a multiple of 8.
-        If not specified, it will be assumed to be 8.
+        *   *segment_size* (``integer``) --
+            (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
+            are segmented in. It must be a multiple of 8.
+            If not specified, it will be assumed to be 8.

-      initial_value : integer
-        (*Only* `MODE_CTR`). The initial value for the counter within
-        the counter block. By default it is 0.
+        *   *mac_len* : (``integer``) --
+            (Only ``MODE_EAX``)
+            Length of the authentication tag, in bytes.
+            It must be no longer than 8 (default).

-    :Return: a CAST cipher object, of the applicable mode:
-
-        - CBC_ mode
-        - CFB_ mode
-        - CTR_ mode
-        - EAX_ mode
-        - ECB_ mode
-        - OFB_ mode
-        - OpenPgp_ mode
-
-    .. _CBC: Crypto.Cipher._mode_cbc.CbcMode-class.html
-    .. _CFB: Crypto.Cipher._mode_cfb.CfbMode-class.html
-    .. _CTR: Crypto.Cipher._mode_ctr.CtrMode-class.html
-    .. _EAX: Crypto.Cipher._mode_eax.EaxMode-class.html
-    .. _ECB: Crypto.Cipher._mode_ecb.EcbMode-class.html
-    .. _OFB: Crypto.Cipher._mode_ofb.OfbMode-class.html
-    .. _OpenPgp: Crypto.Cipher._mode_openpgp.OpenPgpMode-class.html
+        *   *initial_value* : (``integer``) --
+            (Only ``MODE_CTR``). The initial value for the counter within
+            the counter block. By default it is **0**.

+    :Return: a CAST object, of the applicable mode.
    """

    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)

-#: Electronic Code Book (ECB). See `Crypto.Cipher._mode_ecb.EcbMode`.
 MODE_ECB = 1
-#: Cipher-Block Chaining (CBC). See `Crypto.Cipher._mode_cbc.CbcMode`.
 MODE_CBC = 2
-#: Cipher FeedBack (CFB). See `Crypto.Cipher._mode_cfb.CfbMode`.
 MODE_CFB = 3
-#: Output FeedBack (OFB). See `Crypto.Cipher._mode_ofb.OfbMode`.
 MODE_OFB = 5
-#: CounTer Mode (CTR). See `Crypto.Cipher._mode_ctr.CtrMode`.
 MODE_CTR = 6
-#: OpenPGP Mode. See `Crypto.Cipher._mode_openpgp.OpenPgpMode`.
 MODE_OPENPGP = 7
-#: EAX Mode. See `Crypto.Cipher._mode_eax.EaxMode`.
 MODE_EAX = 9

-#: Size of a data block (in bytes)
+# Size of a data block (in bytes)
 block_size = 8
-#: Size of a key (in bytes)
+# Size of a key (in bytes)
 key_size = xrange(5, 16 + 1)