add m2crypto ctr, aesgcm and aesccm support

Author: Ivan Nikolchev

tlslite/utils/openssl_aes.py

@@ -11,7 +11,13 @@
     def new(key, mode, IV):
         # IV argument name is a part of the interface
         # pylint: disable=invalid-name
-        return OpenSSL_AES(key, mode, IV)
+        if mode == 2:
+            return OpenSSL_AES(key, mode, IV)
+        elif mode == 6:
+            return OpenSSL_CTR(key, mode, IV)
+        else:
+            raise NotImplementedError()
+
 
     class OpenSSL_AES(AES):
 
@@ -58,3 +64,53 @@ def decrypt(self, ciphertext):
         def __del__(self):
             if self._context is not None:
                 m2.cipher_ctx_free(self._context)
+
+
+    class OpenSSL_CTR(AES):
+
+        def __init__(self, key, mode, IV):
+            # IV argument/field names are a part of the interface
+            # pylint: disable=invalid-name
+            AES.__init__(self, key, mode, IV, "openssl")
+            self._IV = IV
+            self.key = key
+            self._context = None
+            self._encrypt = None
+            if len(key) not in (16, 24, 32):
+                raise AssertionError()
+
+        @property
+        def counter(self):
+            return self._IV
+
+        @counter.setter
+        def counter(self, ctr):
+            if self._context is not None:
+                m2.cipher_ctx_free(self._context)
+            self._IV = ctr
+            self._init_context()
+
+        def _init_context(self, encrypt=True):
+            if len(self.key) == 16:
+                cipherType = m2.aes_128_ctr()
+            if len(self.key) == 24:
+                cipherType = m2.aes_192_ctr()
+            if len(self.key) == 32:
+                cipherType = m2.aes_256_ctr()
+            self._context = m2.cipher_ctx_new()
+            m2.cipher_init(self._context, cipherType, self.key, self._IV,
+                           int(encrypt))
+            m2.cipher_set_padding(self._context, 0)
+            self._encrypt = encrypt
+
+        def encrypt(self, plaintext):
+            ciphertext = m2.cipher_update(self._context, plaintext)
+            return bytearray(ciphertext)
+
+        def decrypt(self, ciphertext):
+            plaintext = m2.cipher_update(self._context, ciphertext)
+            return bytearray(plaintext)
+
+        def __del__(self):
+            if self._context is not None:
+                m2.cipher_ctx_free(self._context)

tlslite/utils/openssl_aesccm.py

@@ -0,0 +1,21 @@
+# Author: Ivan Nikolchev
+# See the LICENSE file for legal information regarding use of this file.
+
+"""AESCCM with CTR and CBC from m2crypto"""
+
+from tlslite.utils.cryptomath import m2cryptoLoaded
+from tlslite.utils.aesccm import AESCCM
+from tlslite.utils import openssl_aes
+
+
+if m2cryptoLoaded:
+    def new(key, tagLength=16):
+        return OPENSSL_AESCCM(key, "openssl", bytearray(16), tagLength)
+
+
+class OPENSSL_AESCCM(AESCCM):
+    def __init__(self, key, implementation, rawAesEncrypt, tagLength):
+        super(OPENSSL_AESCCM, self).__init__(key, implementation, rawAesEncrypt, tagLength)
+
+        self._ctr = openssl_aes.new(key, 6, bytearray(b'\x00' * 16))
+        self._cbc = openssl_aes.new(key, 2, bytearray(b'\x00' * 16))

tlslite/utils/openssl_aesgcm.py

@@ -0,0 +1,20 @@
+# Author: Ivan Nikolchev
+# See the LICENSE file for legal information regarding use of this file.
+
+"""AESGCM with CTR from m2crypto"""
+
+from tlslite.utils.cryptomath import m2cryptoLoaded
+from tlslite.utils.aesgcm import AESGCM
+from tlslite.utils import openssl_aes
+from tlslite.utils.rijndael import Rijndael
+
+if m2cryptoLoaded:
+    def new(key):
+        return OPENSSL_AESGCM(key, "openssl", Rijndael(key, 16).encrypt)
+
+
+class OPENSSL_AESGCM(AESGCM):
+    def __init__(self, key, implementation, rawAesEncrypt):
+        super(OPENSSL_AESGCM, self).__init__(key, implementation, rawAesEncrypt)
+
+        self._ctr = openssl_aes.new(key, 6, bytearray(b'\x00' * 16))