keycommitment/util.sage at main · kste/keycommitment · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
from Crypto.Cipher import AES
from binascii import hexlify, unhexlify

zero_block = unhexlify('00'*16)
one_block = unhexlify('11'*16)

def block_aes(block, key):
    """
    Encrypt a 16-byte block using AES with the given key.
    """
    assert(len(block) == 16)
    aes = AES.new(key, AES.MODE_CBC, iv=zero_block)
    return aes.encrypt(block)

def block_aes_inverse(block, key):
    """
    Decrypt a 16-byte block using AES with the given key.
    """
    assert(len(block) == 16)
    aes = AES.new(key, AES.MODE_CBC, iv=zero_block)
    return aes.decrypt(block)

def byte_array_to_field_element(block):
    """
    Converts a 16-byte array to an element of GF(2^128).
    """
    assert(len(block) == 16)
    field_element = 0
    for i in range(128):
        if (block[i // 8] >> (7 - (i % 8))) & 1 == 1:
            field_element += x^i
    return F(field_element)

def field_element_to_byte_array(element):
    """
    Converts an element of GF(2^128) to a 16-byte array.
    """
    coeff = element.polynomial().coefficients(sparse=False)
    result = [0 for _ in range(16)]
    for i in range(len(coeff)):
        if coeff[i] == 1:
            result[i // 8] |= (1 << ((7 - i) % 8))
    return bytes(result)

def byte_array_to_field_element_gcm_siv(block):
    """
    Converts a 16-byte array to an element of GF(2^128).
    """
    assert(len(block) == 16)
    field_element = 0
    for i in range(128):
        if (block[i // 8] >> (i % 8)) & 1 == 1:
            field_element += x^i
    return F(field_element)

def field_element_to_byte_array_gcm_siv(element):
    """
    Converts an element of GF(2^128) to a 16-byte array.
    """
    coeff = element.polynomial().coefficients(sparse=False)
    result = [0 for _ in range(16)]
    for i in range(len(coeff)):
        if coeff[i] == 1:
            result[i // 8] |= (1 << (i % 8))
    return bytes(result)

def byte_array_to_bitvector(a):
    result = []
    for i in range(len(a)):
        for j in range(8):
            result.append(a[i] >> j & 0x1)
    return result

def xor_block(block_a, block_b):
    assert(len(block_a) == len(block_b))
    return bytes([a ^^ b for a, b in zip(block_a, block_b)])