# This file is part of lascar
#
# lascar is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
#
# Copyright 2018 Manuel San Pedro, Victor Servant, Charles Guillemet, Ledger SAS - manuel.sanpedro@ledger.fr, victor.servant@ledger.fr, charles@ledger.fr
import numpy as np
# Aes Sbox
sbox = np.array(
(
0x63,
0x7C,
0x77,
0x7B,
0xF2,
0x6B,
0x6F,
0xC5,
0x30,
0x01,
0x67,
0x2B,
0xFE,
0xD7,
0xAB,
0x76,
0xCA,
0x82,
0xC9,
0x7D,
0xFA,
0x59,
0x47,
0xF0,
0xAD,
0xD4,
0xA2,
0xAF,
0x9C,
0xA4,
0x72,
0xC0,
0xB7,
0xFD,
0x93,
0x26,
0x36,
0x3F,
0xF7,
0xCC,
0x34,
0xA5,
0xE5,
0xF1,
0x71,
0xD8,
0x31,
0x15,
0x04,
0xC7,
0x23,
0xC3,
0x18,
0x96,
0x05,
0x9A,
0x07,
0x12,
0x80,
0xE2,
0xEB,
0x27,
0xB2,
0x75,
0x09,
0x83,
0x2C,
0x1A,
0x1B,
0x6E,
0x5A,
0xA0,
0x52,
0x3B,
0xD6,
0xB3,
0x29,
0xE3,
0x2F,
0x84,
0x53,
0xD1,
0x00,
0xED,
0x20,
0xFC,
0xB1,
0x5B,
0x6A,
0xCB,
0xBE,
0x39,
0x4A,
0x4C,
0x58,
0xCF,
0xD0,
0xEF,
0xAA,
0xFB,
0x43,
0x4D,
0x33,
0x85,
0x45,
0xF9,
0x02,
0x7F,
0x50,
0x3C,
0x9F,
0xA8,
0x51,
0xA3,
0x40,
0x8F,
0x92,
0x9D,
0x38,
0xF5,
0xBC,
0xB6,
0xDA,
0x21,
0x10,
0xFF,
0xF3,
0xD2,
0xCD,
0x0C,
0x13,
0xEC,
0x5F,
0x97,
0x44,
0x17,
0xC4,
0xA7,
0x7E,
0x3D,
0x64,
0x5D,
0x19,
0x73,
0x60,
0x81,
0x4F,
0xDC,
0x22,
0x2A,
0x90,
0x88,
0x46,
0xEE,
0xB8,
0x14,
0xDE,
0x5E,
0x0B,
0xDB,
0xE0,
0x32,
0x3A,
0x0A,
0x49,
0x06,
0x24,
0x5C,
0xC2,
0xD3,
0xAC,
0x62,
0x91,
0x95,
0xE4,
0x79,
0xE7,
0xC8,
0x37,
0x6D,
0x8D,
0xD5,
0x4E,
0xA9,
0x6C,
0x56,
0xF4,
0xEA,
0x65,
0x7A,
0xAE,
0x08,
0xBA,
0x78,
0x25,
0x2E,
0x1C,
0xA6,
0xB4,
0xC6,
0xE8,
0xDD,
0x74,
0x1F,
0x4B,
0xBD,
0x8B,
0x8A,
0x70,
0x3E,
0xB5,
0x66,
0x48,
0x03,
0xF6,
0x0E,
0x61,
0x35,
0x57,
0xB9,
0x86,
0xC1,
0x1D,
0x9E,
0xE1,
0xF8,
0x98,
0x11,
0x69,
0xD9,
0x8E,
0x94,
0x9B,
0x1E,
0x87,
0xE9,
0xCE,
0x55,
0x28,
0xDF,
0x8C,
0xA1,
0x89,
0x0D,
0xBF,
0xE6,
0x42,
0x68,
0x41,
0x99,
0x2D,
0x0F,
0xB0,
0x54,
0xBB,
0x16,
),
dtype=np.uint8,
)
# Aes Sbox inverse
inv_sbox = np.array(
(
0x52,
0x09,
0x6A,
0xD5,
0x30,
0x36,
0xA5,
0x38,
0xBF,
0x40,
0xA3,
0x9E,
0x81,
0xF3,
0xD7,
0xFB,
0x7C,
0xE3,
0x39,
0x82,
0x9B,
0x2F,
0xFF,
0x87,
0x34,
0x8E,
0x43,
0x44,
0xC4,
0xDE,
0xE9,
0xCB,
0x54,
0x7B,
0x94,
0x32,
0xA6,
0xC2,
0x23,
0x3D,
0xEE,
0x4C,
0x95,
0x0B,
0x42,
0xFA,
0xC3,
0x4E,
0x08,
0x2E,
0xA1,
0x66,
0x28,
0xD9,
0x24,
0xB2,
0x76,
0x5B,
0xA2,
0x49,
0x6D,
0x8B,
0xD1,
0x25,
0x72,
0xF8,
0xF6,
0x64,
0x86,
0x68,
0x98,
0x16,
0xD4,
0xA4,
0x5C,
0xCC,
0x5D,
0x65,
0xB6,
0x92,
0x6C,
0x70,
0x48,
0x50,
0xFD,
0xED,
0xB9,
0xDA,
0x5E,
0x15,
0x46,
0x57,
0xA7,
0x8D,
0x9D,
0x84,
0x90,
0xD8,
0xAB,
0x00,
0x8C,
0xBC,
0xD3,
0x0A,
0xF7,
0xE4,
0x58,
0x05,
0xB8,
0xB3,
0x45,
0x06,
0xD0,
0x2C,
0x1E,
0x8F,
0xCA,
0x3F,
0x0F,
0x02,
0xC1,
0xAF,
0xBD,
0x03,
0x01,
0x13,
0x8A,
0x6B,
0x3A,
0x91,
0x11,
0x41,
0x4F,
0x67,
0xDC,
0xEA,
0x97,
0xF2,
0xCF,
0xCE,
0xF0,
0xB4,
0xE6,
0x73,
0x96,
0xAC,
0x74,
0x22,
0xE7,
0xAD,
0x35,
0x85,
0xE2,
0xF9,
0x37,
0xE8,
0x1C,
0x75,
0xDF,
0x6E,
0x47,
0xF1,
0x1A,
0x71,
0x1D,
0x29,
0xC5,
0x89,
0x6F,
0xB7,
0x62,
0x0E,
0xAA,
0x18,
0xBE,
0x1B,
0xFC,
0x56,
0x3E,
0x4B,
0xC6,
0xD2,
0x79,
0x20,
0x9A,
0xDB,
0xC0,
0xFE,
0x78,
0xCD,
0x5A,
0xF4,
0x1F,
0xDD,
0xA8,
0x33,
0x88,
0x07,
0xC7,
0x31,
0xB1,
0x12,
0x10,
0x59,
0x27,
0x80,
0xEC,
0x5F,
0x60,
0x51,
0x7F,
0xA9,
0x19,
0xB5,
0x4A,
0x0D,
0x2D,
0xE5,
0x7A,
0x9F,
0x93,
0xC9,
0x9C,
0xEF,
0xA0,
0xE0,
0x3B,
0x4D,
0xAE,
0x2A,
0xF5,
0xB0,
0xC8,
0xEB,
0xBB,
0x3C,
0x83,
0x53,
0x99,
0x61,
0x17,
0x2B,
0x04,
0x7E,
0xBA,
0x77,
0xD6,
0x26,
0xE1,
0x69,
0x14,
0x63,
0x55,
0x21,
0x0C,
0x7D,
),
dtype=np.uint8,
)
# 02 multiplication table
mul2 = np.array(
(
0x00,
0x02,
0x04,
0x06,
0x08,
0x0A,
0x0C,
0x0E,
0x10,
0x12,
0x14,
0x16,
0x18,
0x1A,
0x1C,
0x1E,
0x20,
0x22,
0x24,
0x26,
0x28,
0x2A,
0x2C,
0x2E,
0x30,
0x32,
0x34,
0x36,
0x38,
0x3A,
0x3C,
0x3E,
0x40,
0x42,
0x44,
0x46,
0x48,
0x4A,
0x4C,
0x4E,
0x50,
0x52,
0x54,
0x56,
0x58,
0x5A,
0x5C,
0x5E,
0x60,
0x62,
0x64,
0x66,
0x68,
0x6A,
0x6C,
0x6E,
0x70,
0x72,
0x74,
0x76,
0x78,
0x7A,
0x7C,
0x7E,
0x80,
0x82,
0x84,
0x86,
0x88,
0x8A,
0x8C,
0x8E,
0x90,
0x92,
0x94,
0x96,
0x98,
0x9A,
0x9C,
0x9E,
0xA0,
0xA2,
0xA4,
0xA6,
0xA8,
0xAA,
0xAC,
0xAE,
0xB0,
0xB2,
0xB4,
0xB6,
0xB8,
0xBA,
0xBC,
0xBE,
0xC0,
0xC2,
0xC4,
0xC6,
0xC8,
0xCA,
0xCC,
0xCE,
0xD0,
0xD2,
0xD4,
0xD6,
0xD8,
0xDA,
0xDC,
0xDE,
0xE0,
0xE2,
0xE4,
0xE6,
0xE8,
0xEA,
0xEC,
0xEE,
0xF0,
0xF2,
0xF4,
0xF6,
0xF8,
0xFA,
0xFC,
0xFE,
0x1B,
0x19,
0x1F,
0x1D,
0x13,
0x11,
0x17,
0x15,
0x0B,
0x09,
0x0F,
0x0D,
0x03,
0x01,
0x07,
0x05,
0x3B,
0x39,
0x3F,
0x3D,
0x33,
0x31,
0x37,
0x35,
0x2B,
0x29,
0x2F,
0x2D,
0x23,
0x21,
0x27,
0x25,
0x5B,
0x59,
0x5F,
0x5D,
0x53,
0x51,
0x57,
0x55,
0x4B,
0x49,
0x4F,
0x4D,
0x43,
0x41,
0x47,
0x45,
0x7B,
0x79,
0x7F,
0x7D,
0x73,
0x71,
0x77,
0x75,
0x6B,
0x69,
0x6F,
0x6D,
0x63,
0x61,
0x67,
0x65,
0x9B,
0x99,
0x9F,
0x9D,
0x93,
0x91,
0x97,
0x95,
0x8B,
0x89,
0x8F,
0x8D,
0x83,
0x81,
0x87,
0x85,
0xBB,
0xB9,
0xBF,
0xBD,
0xB3,
0xB1,
0xB7,
0xB5,
0xAB,
0xA9,
0xAF,
0xAD,
0xA3,
0xA1,
0xA7,
0xA5,
0xDB,
0xD9,
0xDF,
0xDD,
0xD3,
0xD1,
0xD7,
0xD5,
0xCB,
0xC9,
0xCF,
0xCD,
0xC3,
0xC1,
0xC7,
0xC5,
0xFB,
0xF9,
0xFF,
0xFD,
0xF3,
0xF1,
0xF7,
0xF5,
0xEB,
0xE9,
0xEF,
0xED,
0xE3,
0xE1,
0xE7,
0xE5,
),
dtype=np.uint8,
)
# 03 multiplication table
mul3 = np.array(
(
0x00,
0x03,
0x06,
0x05,
0x0C,
0x0F,
0x0A,
0x09,
0x18,
0x1B,
0x1E,
0x1D,
0x14,
0x17,
0x12,
0x11,
0x30,
0x33,
0x36,
0x35,
0x3C,
0x3F,
0x3A,
0x39,
0x28,
0x2B,
0x2E,
0x2D,
0x24,
0x27,
0x22,
0x21,
0x60,
0x63,
0x66,
0x65,
0x6C,
0x6F,
0x6A,
0x69,
0x78,
0x7B,
0x7E,
0x7D,
0x74,
0x77,
0x72,
0x71,
0x50,
0x53,
0x56,
0x55,
0x5C,
0x5F,
0x5A,
0x59,
0x48,
0x4B,
0x4E,
0x4D,
0x44,
0x47,
0x42,
0x41,
0xC0,
0xC3,
0xC6,
0xC5,
0xCC,
0xCF,
0xCA,
0xC9,
0xD8,
0xDB,
0xDE,
0xDD,
0xD4,
0xD7,
0xD2,
0xD1,
0xF0,
0xF3,
0xF6,
0xF5,
0xFC,
0xFF,
0xFA,
0xF9,
0xE8,
0xEB,
0xEE,
0xED,
0xE4,
0xE7,
0xE2,
0xE1,
0xA0,
0xA3,
0xA6,
0xA5,
0xAC,
0xAF,
0xAA,
0xA9,
0xB8,
0xBB,
0xBE,
0xBD,
0xB4,
0xB7,
0xB2,
0xB1,
0x90,
0x93,
0x96,
0x95,
0x9C,
0x9F,
0x9A,
0x99,
0x88,
0x8B,
0x8E,
0x8D,
0x84,
0x87,
0x82,
0x81,
0x9B,
0x98,
0x9D,
0x9E,
0x97,
0x94,
0x91,
0x92,
0x83,
0x80,
0x85,
0x86,
0x8F,
0x8C,
0x89,
0x8A,
0xAB,
0xA8,
0xAD,
0xAE,
0xA7,
0xA4,
0xA1,
0xA2,
0xB3,
0xB0,
0xB5,
0xB6,
0xBF,
0xBC,
0xB9,
0xBA,
0xFB,
0xF8,
0xFD,
0xFE,
0xF7,
0xF4,
0xF1,
0xF2,
0xE3,
0xE0,
0xE5,
0xE6,
0xEF,
0xEC,
0xE9,
0xEA,
0xCB,
0xC8,
0xCD,
0xCE,
0xC7,
0xC4,
0xC1,
0xC2,
0xD3,
0xD0,
0xD5,
0xD6,
0xDF,
0xDC,
0xD9,
0xDA,
0x5B,
0x58,
0x5D,
0x5E,
0x57,
0x54,
0x51,
0x52,
0x43,
0x40,
0x45,
0x46,
0x4F,
0x4C,
0x49,
0x4A,
0x6B,
0x68,
0x6D,
0x6E,
0x67,
0x64,
0x61,
0x62,
0x73,
0x70,
0x75,
0x76,
0x7F,
0x7C,
0x79,
0x7A,
0x3B,
0x38,
0x3D,
0x3E,
0x37,
0x34,
0x31,
0x32,
0x23,
0x20,
0x25,
0x26,
0x2F,
0x2C,
0x29,
0x2A,
0x0B,
0x08,
0x0D,
0x0E,
0x07,
0x04,
0x01,
0x02,
0x13,
0x10,
0x15,
0x16,
0x1F,
0x1C,
0x19,
0x1A,
),
dtype=np.uint8,
)
# 14 multiplication table
mul14 = np.array(
(
0x00,
0x0E,
0x1C,
0x12,
0x38,
0x36,
0x24,
0x2A,
0x70,
0x7E,
0x6C,
0x62,
0x48,
0x46,
0x54,
0x5A,
0xE0,
0xEE,
0xFC,
0xF2,
0xD8,
0xD6,
0xC4,
0xCA,
0x90,
0x9E,
0x8C,
0x82,
0xA8,
0xA6,
0xB4,
0xBA,
0xDB,
0xD5,
0xC7,
0xC9,
0xE3,
0xED,
0xFF,
0xF1,
0xAB,
0xA5,
0xB7,
0xB9,
0x93,
0x9D,
0x8F,
0x81,
0x3B,
0x35,
0x27,
0x29,
0x03,
0x0D,
0x1F,
0x11,
0x4B,
0x45,
0x57,
0x59,
0x73,
0x7D,
0x6F,
0x61,
0xAD,
0xA3,
0xB1,
0xBF,
0x95,
0x9B,
0x89,
0x87,
0xDD,
0xD3,
0xC1,
0xCF,
0xE5,
0xEB,
0xF9,
0xF7,
0x4D,
0x43,
0x51,
0x5F,
0x75,
0x7B,
0x69,
0x67,
0x3D,
0x33,
0x21,
0x2F,
0x05,
0x0B,
0x19,
0x17,
0x76,
0x78,
0x6A,
0x64,
0x4E,
0x40,
0x52,
0x5C,
0x06,
0x08,
0x1A,
0x14,
0x3E,
0x30,
0x22,
0x2C,
0x96,
0x98,
0x8A,
0x84,
0xAE,
0xA0,
0xB2,
0xBC,
0xE6,
0xE8,
0xFA,
0xF4,
0xDE,
0xD0,
0xC2,
0xCC,
0x41,
0x4F,
0x5D,
0x53,
0x79,
0x77,
0x65,
0x6B,
0x31,
0x3F,
0x2D,
0x23,
0x09,
0x07,
0x15,
0x1B,
0xA1,
0xAF,
0xBD,
0xB3,
0x99,
0x97,
0x85,
0x8B,
0xD1,
0xDF,
0xCD,
0xC3,
0xE9,
0xE7,
0xF5,
0xFB,
0x9A,
0x94,
0x86,
0x88,
0xA2,
0xAC,
0xBE,
0xB0,
0xEA,
0xE4,
0xF6,
0xF8,
0xD2,
0xDC,
0xCE,
0xC0,
0x7A,
0x74,
0x66,
0x68,
0x42,
0x4C,
0x5E,
0x50,
0x0A,
0x04,
0x16,
0x18,
0x32,
0x3C,
0x2E,
0x20,
0xEC,
0xE2,
0xF0,
0xFE,
0xD4,
0xDA,
0xC8,
0xC6,
0x9C,
0x92,
0x80,
0x8E,
0xA4,
0xAA,
0xB8,
0xB6,
0x0C,
0x02,
0x10,
0x1E,
0x34,
0x3A,
0x28,
0x26,
0x7C,
0x72,
0x60,
0x6E,
0x44,
0x4A,
0x58,
0x56,
0x37,
0x39,
0x2B,
0x25,
0x0F,
0x01,
0x13,
0x1D,
0x47,
0x49,
0x5B,
0x55,
0x7F,
0x71,
0x63,
0x6D,
0xD7,
0xD9,
0xCB,
0xC5,
0xEF,
0xE1,
0xF3,
0xFD,
0xA7,
0xA9,
0xBB,
0xB5,
0x9F,
0x91,
0x83,
0x8D,
),
dtype=np.uint8,
)
# 11 multiplication table
mul11 = np.array(
(
0x00,
0x0B,
0x16,
0x1D,
0x2C,
0x27,
0x3A,
0x31,
0x58,
0x53,
0x4E,
0x45,
0x74,
0x7F,
0x62,
0x69,
0xB0,
0xBB,
0xA6,
0xAD,
0x9C,
0x97,
0x8A,
0x81,
0xE8,
0xE3,
0xFE,
0xF5,
0xC4,
0xCF,
0xD2,
0xD9,
0x7B,
0x70,
0x6D,
0x66,
0x57,
0x5C,
0x41,
0x4A,
0x23,
0x28,
0x35,
0x3E,
0x0F,
0x04,
0x19,
0x12,
0xCB,
0xC0,
0xDD,
0xD6,
0xE7,
0xEC,
0xF1,
0xFA,
0x93,
0x98,
0x85,
0x8E,
0xBF,
0xB4,
0xA9,
0xA2,
0xF6,
0xFD,
0xE0,
0xEB,
0xDA,
0xD1,
0xCC,
0xC7,
0xAE,
0xA5,
0xB8,
0xB3,
0x82,
0x89,
0x94,
0x9F,
0x46,
0x4D,
0x50,
0x5B,
0x6A,
0x61,
0x7C,
0x77,
0x1E,
0x15,
0x08,
0x03,
0x32,
0x39,
0x24,
0x2F,
0x8D,
0x86,
0x9B,
0x90,
0xA1,
0xAA,
0xB7,
0xBC,
0xD5,
0xDE,
0xC3,
0xC8,
0xF9,
0xF2,
0xEF,
0xE4,
0x3D,
0x36,
0x2B,
0x20,
0x11,
0x1A,
0x07,
0x0C,
0x65,
0x6E,
0x73,
0x78,
0x49,
0x42,
0x5F,
0x54,
0xF7,
0xFC,
0xE1,
0xEA,
0xDB,
0xD0,
0xCD,
0xC6,
0xAF,
0xA4,
0xB9,
0xB2,
0x83,
0x88,
0x95,
0x9E,
0x47,
0x4C,
0x51,
0x5A,
0x6B,
0x60,
0x7D,
0x76,
0x1F,
0x14,
0x09,
0x02,
0x33,
0x38,
0x25,
0x2E,
0x8C,
0x87,
0x9A,
0x91,
0xA0,
0xAB,
0xB6,
0xBD,
0xD4,
0xDF,
0xC2,
0xC9,
0xF8,
0xF3,
0xEE,
0xE5,
0x3C,
0x37,
0x2A,
0x21,
0x10,
0x1B,
0x06,
0x0D,
0x64,
0x6F,
0x72,
0x79,
0x48,
0x43,
0x5E,
0x55,
0x01,
0x0A,
0x17,
0x1C,
0x2D,
0x26,
0x3B,
0x30,
0x59,
0x52,
0x4F,
0x44,
0x75,
0x7E,
0x63,
0x68,
0xB1,
0xBA,
0xA7,
0xAC,
0x9D,
0x96,
0x8B,
0x80,
0xE9,
0xE2,
0xFF,
0xF4,
0xC5,
0xCE,
0xD3,
0xD8,
0x7A,
0x71,
0x6C,
0x67,
0x56,
0x5D,
0x40,
0x4B,
0x22,
0x29,
0x34,
0x3F,
0x0E,
0x05,
0x18,
0x13,
0xCA,
0xC1,
0xDC,
0xD7,
0xE6,
0xED,
0xF0,
0xFB,
0x92,
0x99,
0x84,
0x8F,
0xBE,
0xB5,
0xA8,
0xA3,
),
dtype=np.uint8,
)
# 09 multiplication table
mul9 = np.array(
(
0x00,
0x09,
0x12,
0x1B,
0x24,
0x2D,
0x36,
0x3F,
0x48,
0x41,
0x5A,
0x53,
0x6C,
0x65,
0x7E,
0x77,
0x90,
0x99,
0x82,
0x8B,
0xB4,
0xBD,
0xA6,
0xAF,
0xD8,
0xD1,
0xCA,
0xC3,
0xFC,
0xF5,
0xEE,
0xE7,
0x3B,
0x32,
0x29,
0x20,
0x1F,
0x16,
0x0D,
0x04,
0x73,
0x7A,
0x61,
0x68,
0x57,
0x5E,
0x45,
0x4C,
0xAB,
0xA2,
0xB9,
0xB0,
0x8F,
0x86,
0x9D,
0x94,
0xE3,
0xEA,
0xF1,
0xF8,
0xC7,
0xCE,
0xD5,
0xDC,
0x76,
0x7F,
0x64,
0x6D,
0x52,
0x5B,
0x40,
0x49,
0x3E,
0x37,
0x2C,
0x25,
0x1A,
0x13,
0x08,
0x01,
0xE6,
0xEF,
0xF4,
0xFD,
0xC2,
0xCB,
0xD0,
0xD9,
0xAE,
0xA7,
0xBC,
0xB5,
0x8A,
0x83,
0x98,
0x91,
0x4D,
0x44,
0x5F,
0x56,
0x69,
0x60,
0x7B,
0x72,
0x05,
0x0C,
0x17,
0x1E,
0x21,
0x28,
0x33,
0x3A,
0xDD,
0xD4,
0xCF,
0xC6,
0xF9,
0xF0,
0xEB,
0xE2,
0x95,
0x9C,
0x87,
0x8E,
0xB1,
0xB8,
0xA3,
0xAA,
0xEC,
0xE5,
0xFE,
0xF7,
0xC8,
0xC1,
0xDA,
0xD3,
0xA4,
0xAD,
0xB6,
0xBF,
0x80,
0x89,
0x92,
0x9B,
0x7C,
0x75,
0x6E,
0x67,
0x58,
0x51,
0x4A,
0x43,
0x34,
0x3D,
0x26,
0x2F,
0x10,
0x19,
0x02,
0x0B,
0xD7,
0xDE,
0xC5,
0xCC,
0xF3,
0xFA,
0xE1,
0xE8,
0x9F,
0x96,
0x8D,
0x84,
0xBB,
0xB2,
0xA9,
0xA0,
0x47,
0x4E,
0x55,
0x5C,
0x63,
0x6A,
0x71,
0x78,
0x0F,
0x06,
0x1D,
0x14,
0x2B,
0x22,
0x39,
0x30,
0x9A,
0x93,
0x88,
0x81,
0xBE,
0xB7,
0xAC,
0xA5,
0xD2,
0xDB,
0xC0,
0xC9,
0xF6,
0xFF,
0xE4,
0xED,
0x0A,
0x03,
0x18,
0x11,
0x2E,
0x27,
0x3C,
0x35,
0x42,
0x4B,
0x50,
0x59,
0x66,
0x6F,
0x74,
0x7D,
0xA1,
0xA8,
0xB3,
0xBA,
0x85,
0x8C,
0x97,
0x9E,
0xE9,
0xE0,
0xFB,
0xF2,
0xCD,
0xC4,
0xDF,
0xD6,
0x31,
0x38,
0x23,
0x2A,
0x15,
0x1C,
0x07,
0x0E,
0x79,
0x70,
0x6B,
0x62,
0x5D,
0x54,
0x4F,
0x46,
),
dtype=np.uint8,
)
# 13 multiplication table
mul13 = np.array(
(
0x00,
0x0D,
0x1A,
0x17,
0x34,
0x39,
0x2E,
0x23,
0x68,
0x65,
0x72,
0x7F,
0x5C,
0x51,
0x46,
0x4B,
0xD0,
0xDD,
0xCA,
0xC7,
0xE4,
0xE9,
0xFE,
0xF3,
0xB8,
0xB5,
0xA2,
0xAF,
0x8C,
0x81,
0x96,
0x9B,
0xBB,
0xB6,
0xA1,
0xAC,
0x8F,
0x82,
0x95,
0x98,
0xD3,
0xDE,
0xC9,
0xC4,
0xE7,
0xEA,
0xFD,
0xF0,
0x6B,
0x66,
0x71,
0x7C,
0x5F,
0x52,
0x45,
0x48,
0x03,
0x0E,
0x19,
0x14,
0x37,
0x3A,
0x2D,
0x20,
0x6D,
0x60,
0x77,
0x7A,
0x59,
0x54,
0x43,
0x4E,
0x05,
0x08,
0x1F,
0x12,
0x31,
0x3C,
0x2B,
0x26,
0xBD,
0xB0,
0xA7,
0xAA,
0x89,
0x84,
0x93,
0x9E,
0xD5,
0xD8,
0xCF,
0xC2,
0xE1,
0xEC,
0xFB,
0xF6,
0xD6,
0xDB,
0xCC,
0xC1,
0xE2,
0xEF,
0xF8,
0xF5,
0xBE,
0xB3,
0xA4,
0xA9,
0x8A,
0x87,
0x90,
0x9D,
0x06,
0x0B,
0x1C,
0x11,
0x32,
0x3F,
0x28,
0x25,
0x6E,
0x63,
0x74,
0x79,
0x5A,
0x57,
0x40,
0x4D,
0xDA,
0xD7,
0xC0,
0xCD,
0xEE,
0xE3,
0xF4,
0xF9,
0xB2,
0xBF,
0xA8,
0xA5,
0x86,
0x8B,
0x9C,
0x91,
0x0A,
0x07,
0x10,
0x1D,
0x3E,
0x33,
0x24,
0x29,
0x62,
0x6F,
0x78,
0x75,
0x56,
0x5B,
0x4C,
0x41,
0x61,
0x6C,
0x7B,
0x76,
0x55,
0x58,
0x4F,
0x42,
0x09,
0x04,
0x13,
0x1E,
0x3D,
0x30,
0x27,
0x2A,
0xB1,
0xBC,
0xAB,
0xA6,
0x85,
0x88,
0x9F,
0x92,
0xD9,
0xD4,
0xC3,
0xCE,
0xED,
0xE0,
0xF7,
0xFA,
0xB7,
0xBA,
0xAD,
0xA0,
0x83,
0x8E,
0x99,
0x94,
0xDF,
0xD2,
0xC5,
0xC8,
0xEB,
0xE6,
0xF1,
0xFC,
0x67,
0x6A,
0x7D,
0x70,
0x53,
0x5E,
0x49,
0x44,
0x0F,
0x02,
0x15,
0x18,
0x3B,
0x36,
0x21,
0x2C,
0x0C,
0x01,
0x16,
0x1B,
0x38,
0x35,
0x22,
0x2F,
0x64,
0x69,
0x7E,
0x73,
0x50,
0x5D,
0x4A,
0x47,
0xDC,
0xD1,
0xC6,
0xCB,
0xE8,
0xE5,
0xF2,
0xFF,
0xB4,
0xB9,
0xAE,
0xA3,
0x80,
0x8D,
0x9A,
0x97,
),
dtype=np.uint8,
)
# Shiftrows tables:
shiftrows = [0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11]
shiftrows_inverse = [0, 13, 10, 7, 4, 1, 14, 11, 8, 5, 2, 15, 12, 9, 6, 3]
# Rcon contants
rcon = np.array(
(
0x8D,
0x01,
0x02,
0x04,
0x08,
0x10,
0x20,
0x40,
0x80,
0x1B,
0x36,
0x6C,
0xD8,
0xAB,
),
dtype=np.uint8,
)
[docs]class Aes(object):
"""
Aes class.
Provide methods to perform Aes (128,192 256)
(use staticaly)
Handle list of uint8 (instead of char/str)
Example:
input = [0]*16
key = [0] * 16
Aes.encrypt( input, key)
"""
nr = {176:10}
[docs] @staticmethod
def xor(s1, s2):
return tuple(a ^ b for a, b in zip(s1, s2))
[docs] @staticmethod
def rot_word(word):
return word[1:] + word[:1]
[docs] @staticmethod
def sub_word(word):
return (sbox[b] for b in word)
[docs] @staticmethod
def add_round_key(state, key):
return [state[i] ^ key[i] for i in range(16)]
[docs] @staticmethod
def sub_bytes(state):
return [sbox[i] for i in state]
[docs] @staticmethod
def inverse_sub_bytes(state):
return [inv_sbox[i] for i in state]
[docs] @staticmethod
def shift_rows(state):
return np.array(state)[shiftrows]
[docs] @staticmethod
def inverse_shift_rows(state):
return np.array(state)[shiftrows_inverse]
[docs] @staticmethod
def mix_columns(state):
for i in range(4):
state[4 * i], state[4 * i + 1], state[4 * i + 2], state[4 * i + 3] = (
mul2[state[4 * i + 0]]
^ mul3[state[4 * i + 1]]
^ state[4 * i + 2]
^ state[4 * i + 3],
mul2[state[4 * i + 1]]
^ mul3[state[4 * i + 2]]
^ state[4 * i + 3]
^ state[4 * i + 0],
mul2[state[4 * i + 2]]
^ mul3[state[4 * i + 3]]
^ state[4 * i + 0]
^ state[4 * i + 1],
mul2[state[4 * i + 3]]
^ mul3[state[4 * i + 0]]
^ state[4 * i + 1]
^ state[4 * i + 2],
)
return state
[docs] @staticmethod
def inverse_mix_columns(state):
for i in range(4):
state[4 * i], state[4 * i + 1], state[4 * i + 2], state[4 * i + 3] = (
mul14[state[4 * i + 0]]
^ mul11[state[4 * i + 1]]
^ mul13[state[4 * i + 2]]
^ mul9[state[4 * i + 3]],
mul14[state[4 * i + 1]]
^ mul11[state[4 * i + 2]]
^ mul13[state[4 * i + 3]]
^ mul9[state[4 * i + 0]],
mul14[state[4 * i + 2]]
^ mul11[state[4 * i + 3]]
^ mul13[state[4 * i + 0]]
^ mul9[state[4 * i + 1]],
mul14[state[4 * i + 3]]
^ mul11[state[4 * i + 0]]
^ mul13[state[4 * i + 1]]
^ mul9[state[4 * i + 2]],
)
return state
[docs] @staticmethod
def key_schedule(key):
if len(key) == 16:
nb, nr, nk = 4, 10, 4
elif len(key) == 24:
nb, nr, nk = 4, 12, 6
elif len(key) == 32:
nb, nr, nk = 4, 14, 8
else:
raise ValueError("Invalid key size")
expanded = list(key)
for i in range(nk, nb * (nr + 1)):
t = expanded[(i - 1) * 4 : i * 4]
if i % nk == 0:
t = Aes.xor(Aes.sub_word(Aes.rot_word(t)), (rcon[i // nk], 0, 0, 0))
elif nk > 6 and i % nk == 4:
t = Aes.sub_word(t)
expanded.extend(Aes.xor(t, expanded[(i - nk) * 4 : (i - nk + 1) * 4]))
return expanded
[docs] @staticmethod
def encrypt(input, key):
nr = 6 + 2 * (len(key) // 8)
key_scheduled = Aes.key_schedule(key)
state = [i for i in input]
state = Aes.add_round_key(state, key_scheduled[:16])
for i in range(1, nr):
state = Aes.sub_bytes(state)
state = Aes.shift_rows(state)
state = Aes.mix_columns(state)
state = Aes.add_round_key(state, key_scheduled[i * 16 : (i + 1) * 16])
state = Aes.sub_bytes(state)
state = Aes.shift_rows(state)
state = Aes.add_round_key(state, key_scheduled[-16:])
return state
[docs] @staticmethod
def encrypt_keep_iv(input, key_scheduled):
"""
encrypt and keep all intermediate values
:param input:
:param key_scheduled:
:return:
"""
nr = Aes.nr[len(key_scheduled)]
res = []
state = [i for i in input]
res += state
state = Aes.add_round_key(state, key_scheduled[:16])
res += state
for i in range(1, nr):
state = Aes.sub_bytes(state)
res += list(state)
state = Aes.shift_rows(state)
res += list(state)
state = Aes.mix_columns(state)
res += list(state)
state = Aes.add_round_key(state, key_scheduled[i * 16 : (i + 1) * 16])
res += list(state)
state = Aes.sub_bytes(state)
res += state
state = Aes.shift_rows(state)
res += list(state)
state = Aes.add_round_key(state, key_scheduled[-16:])
res += list(state)
return res
[docs] @staticmethod
def decrypt(input, key):
"""
decrypt and keep all intermediate values
:param input:
:param key_scheduled:
:return:
"""
nr = 6 + 2 * (len(key) // 8)
key_scheduled = Aes.key_schedule(key)
state = [i for i in input]
state = Aes.add_round_key(state, key_scheduled[-16:])
for i in range(nr - 1, 0, -1):
state = Aes.inverse_sub_bytes(state)
state = Aes.inverse_shift_rows(state)
state = Aes.add_round_key(state, key_scheduled[i * 16 : (i + 1) * 16])
state = Aes.inverse_mix_columns(state)
state = Aes.inverse_sub_bytes(state)
state = Aes.inverse_shift_rows(state)
state = Aes.add_round_key(state, key_scheduled[:16])
return state
[docs] @staticmethod
def decrypt_keep_iv(input, key_scheduled):
"""
decrypt and keep all intermediate values
:param input:
:param key_scheduled:
:return:
"""
nr = int(len(key_scheduled) / 16)
res = []
state = [i for i in input]
res += state
state = Aes.add_round_key(state, key_scheduled[-16:])
res += state
for i in range(nr - 1, 0, -1):
state = Aes.inverse_sub_bytes(state)
res += list(state)
state = Aes.inverse_shift_rows(state)
res += list(state)
state = Aes.add_round_key(state, key_scheduled[i * 16 : (i + 1) * 16])
res += list(state)
state = Aes.inverse_mix_columns(state)
res += list(state)
state = Aes.inverse_sub_bytes(state)
res += state
state = Aes.inverse_shift_rows(state)
res += list(state)
state = Aes.add_round_key(state, key_scheduled[:16])
res += list(state)
return res