Merge pull request #80 from bit/pycryptodome

Use PyCryptodome

README.md

@@ -8,15 +8,15 @@ Install the potr Python module:
 
     sudo python setup.py install
 
-__Dependencies__: pycrypto >= 2.1 (see [dlitz/pycrypto](https://github.com/dlitz/pycrypto))
+__Dependencies__: PyCryptodome (see [Legrandin/pycryptodome](https://github.com/Legrandin/pycryptodome))
 
 This software is experimental and potentially insecure. Do not rely on it
 =========================================================================
 
 Usage Notes
 ===========
-This module uses pycrypto's RNG. If you use this package in your application and your application
-uses `os.fork()`, make sure to call `Crypto.Random.atfork()` in both the parent and the child process.
+This module uses PyCryptodome's RNG. If you use this package in your application and your application
+uses `os.fork()`, make sure to call `Cryptodome.Random.atfork()` in both the parent and the child process.
 
 Reporting bugs
 ==============

requirements.txt

@@ -1 +1 @@
-PyCrypto >= 2.1
+PyCryptodome

setup.py

@@ -22,7 +22,7 @@
 
     from setuptools.command.install_lib import install_lib
 
-    args['install_requires']=['pycrypto>=2.1']
+    args['install_requires']=['PyCryptodome']
 except ImportError:
     print('\n*** setuptools not found! Falling back to distutils\n\n')
     from distutils.core import setup
@@ -45,12 +45,12 @@
 
     sudo python setup.py install
 
-**Dependencies**: pycrypto >= 2.1 (see `dlitz/pycrypto <https://github.com/dlitz/pycrypto>`_)
+**Dependencies**: PyCryptodome (see `Legrandin/pycryptodome <https://github.com/Legrandin/pycryptodome>`_)
 
 Usage Notes
 ===========
-This module uses pycrypto's RNG. If you use this package in your application and your application
-uses ``os.fork()``, make sure to call ``Crypto.Random.atfork()`` in both the parent and the child process.
+This module uses PyCryptodome's RNG. If you use this package in your application and your application
+uses ``os.fork()``, make sure to call ``Cryptodome.Random.atfork()`` in both the parent and the child process.
 
 Reporting bugs
 ==============

src/potr/compatcrypto/pycrypto.py

@@ -15,19 +15,23 @@
 #    You should have received a copy of the GNU Lesser General Public License
 #    along with this library.  If not, see <http://www.gnu.org/licenses/>.
 
+
+from Cryptodome import Cipher
+from Cryptodome.Hash import HMAC as _HMAC
+from Cryptodome.Hash import SHA256 as _SHA256
+from Cryptodome.Hash import SHA as _SHA1
+from Cryptodome.PublicKey import DSA
+from Cryptodome.Random import random
+from Cryptodome.Signature import DSS
+from Cryptodome.Util import Counter
+
 try:
   import Crypto
 except ImportError:
   import crypto as Crypto
 
 from Crypto import Cipher
-from Crypto.Util import Counter
-from Crypto.Hash import SHA256 as _SHA256
-from Crypto.Hash import SHA as _SHA1
-from Crypto.Hash import HMAC as _HMAC
-from Crypto.PublicKey import DSA
-from Crypto.Signature import DSS
-import Crypto.Random.random
+
 from numbers import Number
 
 from potr.compatcrypto import common
@@ -85,13 +89,16 @@ def fingerprint(self):
         return SHA1(self.getSerializedPublicPayload())
 
     def sign(self, data):
-        signer = DSS.new(self.priv, 'fips-186-3')
-        signature = signer.sign(data)
-        return signature
+        # 2 <= K <= q
+        K = randrange(2, self.priv.q)
+        M = bytes_to_long(data)
+        r, s = self.priv._sign(M, K)
+        return long_to_bytes(r, 20) + long_to_bytes(s, 20)
 
     def verify(self, data, sig):
         r, s = bytes_to_long(sig[:20]), bytes_to_long(sig[20:])
-        return self.pub.verify(data, (r, s))
+        M = bytes_to_long(data)
+        return self.pub._verify(M, (r, s))
 
     def __hash__(self):
         return bytes_to_long(self.fingerprint())
@@ -122,7 +129,7 @@ def parsePayload(cls, data, private=False):
         return cls((y, g, p, q), private=False), data
 
 def getrandbits(k):
-    return Crypto.Random.random.getrandbits(k)
+    return random.getrandbits(k)
 
 def randrange(start, stop):
-    return Crypto.Random.random.randrange(start, stop)
+    return random.randrange(start, stop)

src/potr/crypt.py

@@ -69,8 +69,8 @@ def __init__(self, sendenc, sendmac, rcvenc, rcvmac):
         self.sendmac = sendmac
         self.rcvenc = rcvenc
         self.rcvmac = rcvmac
-        self.sendctr = Counter(0)
-        self.rcvctr = Counter(0)
+        self.sendctr = 0
+        self.rcvctr = 0
         self.sendmacused = False
         self.rcvmacused = False
 
@@ -177,12 +177,12 @@ def handleDataMessage(self, msg):
         sesskey.rcvmacused = True
 
         newCtrPrefix = bytes_to_long(msg.ctr)
-        if newCtrPrefix <= sesskey.rcvctr.prefix:
+        if newCtrPrefix <= sesskey.rcvctr:
             logger.error('CTR must increase (old %r, new %r)',
                     sesskey.rcvctr.prefix, newCtrPrefix)
             raise InvalidParameterError
 
-        sesskey.rcvctr.prefix = newCtrPrefix
+        sesskey.rcvctr = newCtrPrefix
 
         logger.debug('handle: enc={0!r} mac={1!r} ctr={2!r}' \
                 .format(sesskey.rcvenc, sesskey.rcvmac, sesskey.rcvctr))
@@ -232,7 +232,7 @@ def createDataMessage(self, message, flags=0, tlvs=None):
             tlvs = []
 
         sess = self.sessionkeys[1][0]
-        sess.sendctr.inc()
+        sess.sendctr += 1
 
         logger.debug('create: enc={0!r} mac={1!r} ctr={2!r}' \
                 .format(sess.sendenc, sess.sendmac, sess.sendctr))
@@ -242,7 +242,7 @@ def createDataMessage(self, message, flags=0, tlvs=None):
         encmsg = AESCTR(sess.sendenc, sess.sendctr).encrypt(plainBuf)
 
         msg = proto.DataMessage(flags, self.ourKeyid-1, self.theirKeyid,
-                long_to_bytes(self.ourDHKey.pub), sess.sendctr.byteprefix(),
+                long_to_bytes(self.ourDHKey.pub), long_to_bytes(sess.sendctr, 8),
                 encmsg, b'', b''.join(self.savedMacKeys))
 
         self.savedMacKeys = []