#!/usr/bin/env python3
import sys; assert sys.version_info[0] >= 3, "Python 3 required."
import math
import struct
from pyblake2 import blake2b
from tv_output import render_args, render_tv
from tv_rand import Rand
from utils import i2leosp
# BLAKE2b emits at most 64 bytes (512 bits) per call; l_H is that limit in bytes.
l_H = 64
assert l_H * 8 == 512

# Inclusive bounds, in bytes, on the message length that f4jumble() and
# f4jumble_inv() accept.
MIN_l_M = 48
# The upper bound is 65537 hash lengths: at most l_H bytes for the left part,
# plus (presumably) 65536 G blocks of l_H bytes reachable through the 16-bit
# block counter passed to i2leosp(16, j) -- TODO confirm against the spec.
MAX_l_M = 65537 * l_H
assert MAX_l_M == 4194368
def instantiate(l_L, l_R):
    """Build the two domain-separated BLAKE2b functions used by F4Jumble.

    Args:
        l_L: output length of H in bytes (used as the BLAKE2b digest size).
        l_R: output length of G in bytes.

    Returns:
        A pair (H, G). H(i, u) hashes u to l_L bytes; G(i, u) expands u to
        l_R bytes. In both, i is the round index and is mixed into the
        BLAKE2b personalization string, so each round uses a distinct
        function.
    """
    # NOTE(review): blake2b is the third-party pyblake2 import at the top of
    # this file. hashlib.blake2b (stdlib since Python 3.6) accepts the same
    # digest_size/person keywords and would remove that dependency.

    def H(i, u):
        # 13-byte tag + 3 bytes fills BLAKE2b's 16-byte personalization field.
        personalization = b'UA_F4Jumble_H' + bytes([i, 0, 0])
        hasher = blake2b(digest_size=l_L, person=personalization)
        hasher.update(u)
        return hasher.digest()

    def G(i, u):
        def inner(j):
            # Round index plus block counter j keep every l_H-byte block of
            # the output stream under its own personalization. i2leosp(16, j)
            # presumably encodes j as 2 little-endian bytes -- confirm in utils.
            personalization = b'UA_F4Jumble_G' + bytes([i]) + i2leosp(16, j)
            hasher = blake2b(digest_size=l_H, person=personalization)
            hasher.update(u)
            return hasher.digest()

        # Generate enough full blocks to cover l_R bytes, then trim the excess.
        block_count = math.ceil(l_R/l_H)
        stream = b''.join(inner(j) for j in range(0, block_count))
        return stream[:l_R]

    return (H, G)
def xor(x, y):
    """Return the bytewise XOR of the byte strings x and y.

    The inputs are paired with zip(), so when their lengths differ the result
    is silently cut to the shorter input instead of raising. f4jumble() and
    f4jumble_inv() always pass equal-length operands (H yields l_L bytes and
    G is trimmed to l_R bytes); any new caller has to guarantee that itself.
    """
    return bytes(p ^ q for p, q in zip(x, y))
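def f4jumble(M):
    """Apply the F4Jumble transformation to the byte string M.

    M is split into a left part of l_L = min(l_H, len(M) // 2) bytes and a
    right part holding the rest. Four Feistel-style rounds then alternately
    XOR one part with a hash of the other (G, H, G, H). No secret key is
    involved: this is a public, length-preserving, invertible mixing step,
    not encryption. f4jumble_inv() undoes it.

    Args:
        M: message bytes, MIN_l_M <= len(M) <= MAX_l_M.

    Returns:
        The jumbled message, the same length as M.

    Raises:
        AssertionError: if len(M) is outside the permitted range.
    """
    l_M = len(M)
    # Checked explicitly instead of with `assert`, which `python -O` strips;
    # without the check, too-short inputs would be jumbled without complaint.
    # AssertionError is kept so callers that already catch it are unaffected.
    if not (MIN_l_M <= l_M <= MAX_l_M):
        raise AssertionError(
            "f4jumble: message length %d outside [%d, %d]" % (l_M, MIN_l_M, MAX_l_M)
        )

    l_L = min(l_H, l_M // 2)
    l_R = l_M - l_L
    (H, G) = instantiate(l_L, l_R)
    a = M[:l_L]
    b = M[l_L:]

    # Round order G(0), H(0), G(1), H(1); f4jumble_inv applies the reverse.
    x = xor(b, G(0, a))
    y = xor(a, H(0, x))
    d = xor(x, G(1, y))
    c = xor(y, H(1, d))

    return c + d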
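def f4jumble_inv(M):
    """Invert f4jumble(): recover the original message from jumbled bytes M.

    The split point l_L = min(l_H, len(M) // 2) is the same as in f4jumble(),
    and the four rounds are applied in reverse order (H(1), G(1), H(0), G(0)).
    Any input of permitted length is accepted and mapped to some output; this
    function does not by itself detect a corrupted or altered input.

    Args:
        M: jumbled bytes, MIN_l_M <= len(M) <= MAX_l_M.

    Returns:
        The un-jumbled message, the same length as M.

    Raises:
        AssertionError: if len(M) is outside the permitted range.
    """
    l_M = len(M)
    # Checked explicitly instead of with `assert`, which `python -O` strips;
    # the length bound must hold for every input this function is given.
    # AssertionError is kept so callers that already catch it are unaffected.
    if not (MIN_l_M <= l_M <= MAX_l_M):
        raise AssertionError(
            "f4jumble_inv: message length %d outside [%d, %d]" % (l_M, MIN_l_M, MAX_l_M)
        )

    l_L = min(l_H, l_M // 2)
    l_R = l_M - l_L
    (H, G) = instantiate(l_L, l_R)
    c = M[:l_L]
    d = M[l_L:]

    # Undo the rounds of f4jumble from last to first.
    y = xor(c, H(1, d))
    x = xor(d, G(1, y))
    a = xor(y, H(0, x))
    b = xor(x, G(0, a))

    return a + b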
def main():
    """Generate F4Jumble test vectors and hand them to render_tv().

    For each chosen length a pseudo-random message is drawn, jumbled, checked
    to round-trip through f4jumble_inv(), and recorded as a
    {'normal', 'jumbled'} pair.
    """
    args = render_args()

    from random import Random
    # Fixed seed so every run produces the same vectors. Random is a
    # non-cryptographic PRNG, used here for reproducibility only.
    rng = Random(0xabad533d)

    def randbytes(l):
        # One randrange() draw per byte: changing how bytes are drawn would
        # change the byte stream and therefore every generated vector.
        out = bytearray()
        while len(out) < l:
            out.append(rng.randrange(0, 256))
        return bytes(out)

    rand = Rand(randbytes)

    # Lengths on both sides of the points where the split changes:
    # up to 2*l_H the left part is len // 2, beyond that it is capped at l_H;
    # 257*l_H and 257*l_H + 1 need 256 and 257 G blocks respectively.
    lengths = [
        MIN_l_M,
        l_H,
        2*l_H,
        2*l_H + 1,
        3*l_H,
        3*l_H + 1,
        257*l_H,
        257*l_H + 1,
    ]

    plain_test_vectors = []
    # Generate test vectors with various lengths:
    for l_M in lengths:
        M = rand.b(l_M)
        jumbled = f4jumble(M)
        # Self-check before publishing: length-preserving and invertible.
        assert len(jumbled) == len(M)
        assert f4jumble_inv(jumbled) == M

        plain_test_vectors.append({'normal': M, 'jumbled': jumbled})

    columns = (
        ('normal', 'Vec<u8>'),
        ('jumbled', 'Vec<u8>'),
    )
    render_tv(args, 'f4jumble', columns, plain_test_vectors)
# Generate the vectors only when run as a script, not when imported.
if __name__ == '__main__':
    main()