Implemented proxies to pyca X25519

RNS/Cryptography/AES.py

@@ -20,14 +20,13 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 # SOFTWARE.
 
-PROVIDER_INTERNAL = 0x01
+import RNS.Cryptography.Provider as cp
-PROVIDER_PYCA     = 0x02
 
-provider = PROVIDER_PYCA
+if cp.PROVIDER == cp.PROVIDER_INTERNAL:
+    # TODO: Use internal AES
+    from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
     
-if provider == PROVIDER_INTERNAL:
+elif cp.PROVIDER == cp.PROVIDER_PYCA:
-    pass
-elif provider == PROVIDER_PYCA:
     from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
 
 
@@ -35,9 +34,14 @@ class AES_128_CBC:
 
     @staticmethod
     def encrypt(plaintext, key, iv):
-        if provider == PROVIDER_INTERNAL:
+        if cp.PROVIDER == cp.PROVIDER_INTERNAL:
-            pass
+            # TODO: Use internal AES
-        elif provider == PROVIDER_PYCA:
+            cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
+            encryptor = cipher.encryptor()
+            ciphertext = encryptor.update(plaintext) + encryptor.finalize()
+            return ciphertext
+
+        elif cp.PROVIDER == cp.PROVIDER_PYCA:
             cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
             encryptor = cipher.encryptor()
             ciphertext = encryptor.update(plaintext) + encryptor.finalize()
@@ -45,9 +49,14 @@ class AES_128_CBC:
 
     @staticmethod
     def decrypt(ciphertext, key, iv):
-        if provider == PROVIDER_INTERNAL:
+        if cp.PROVIDER == cp.PROVIDER_INTERNAL:
-            pass
+            # TODO: Use internal AES
-        elif provider == PROVIDER_PYCA:
+            cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
+            decryptor = cipher.decryptor()
+            plaintext = decryptor.update(ciphertext) + decryptor.finalize()
+            return plaintext
+
+        elif cp.PROVIDER == cp.PROVIDER_PYCA:
             cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
             decryptor = cipher.decryptor()
             plaintext = decryptor.update(ciphertext) + decryptor.finalize()

RNS/Cryptography/Provider.py

@@ -0,0 +1,5 @@
+PROVIDER_INTERNAL = 0x01
+PROVIDER_PYCA     = 0x02
+
+# PROVIDER = PROVIDER_PYCA
+PROVIDER = PROVIDER_INTERNAL

RNS/Cryptography/Proxies.py

@@ -0,0 +1,43 @@
+from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey
+from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey, X25519PublicKey
+
+class X25519PrivateKeyProxy:
+    def __init__(self, real):
+        self.real = real
+
+    @classmethod
+    def generate(cls):
+        return cls(X25519PrivateKey.generate())
+
+    @classmethod
+    def from_private_bytes(cls, data):
+        return cls(X25519PrivateKey.from_private_bytes(data))
+
+    def private_bytes(self):
+        return self.real.private_bytes(
+            encoding=serialization.Encoding.Raw,
+            format=serialization.PrivateFormat.Raw,
+            encryption_algorithm=serialization.NoEncryption(),
+        )
+
+    def public_key(self):
+        return X25519PublicKeyProxy(self.real.public_key())
+
+    def exchange(self, peer_public_key):
+        return self.real.exchange(peer_public_key.real)
+
+
+class X25519PublicKeyProxy:
+    def __init__(self, real):
+        self.real = real
+
+    @classmethod
+    def from_public_bytes(cls, data):
+        return cls(X25519PublicKey.from_public_bytes(data))
+
+    def public_bytes(self):
+        return self.real.public_bytes(
+            encoding=serialization.Encoding.Raw,
+            format=serialization.PublicFormat.Raw
+        )

RNS/Cryptography/__init__.py

@@ -6,5 +6,19 @@ from .HKDF import hkdf
 from .PKCS7 import PKCS7
 from .Fernet import Fernet
 
+import RNS.Cryptography.Provider as cp
+
+if cp.PROVIDER == cp.PROVIDER_INTERNAL:
+    print("INTERNAL")
+    from RNS.Cryptography.X25519 import X25519PrivateKey, X25519PublicKey
+
+    # TODO: Use internal Ed25519
+    from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey
+
+elif cp.PROVIDER == cp.PROVIDER_PYCA:
+    print("PYCA")
+    from RNS.Cryptography.Proxies import X25519PrivateKeyProxy as X25519PrivateKey
+    from RNS.Cryptography.Proxies import X25519PublicKeyProxy as X25519PublicKey
+
 modules = glob.glob(os.path.dirname(__file__)+"/*.py")
 __all__ = [ os.path.basename(f)[:-3] for f in modules if not f.endswith('__init__.py')]

RNS/Identity.py

@@ -31,7 +31,7 @@ from .vendor import umsgpack as umsgpack
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey
 
-from RNS.Cryptography.X25519 import X25519PrivateKey, X25519PublicKey
+from RNS.Cryptography import X25519PrivateKey, X25519PublicKey
 from RNS.Cryptography import Fernet
 
 

RNS/Link.py

@@ -24,7 +24,7 @@ from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey
 
-from RNS.Cryptography.X25519 import X25519PrivateKey, X25519PublicKey
+from RNS.Cryptography import X25519PrivateKey, X25519PublicKey
 from RNS.Cryptography import Fernet
 
 from time import sleep