rotor replacement
Gerd Woetzel
woetzel at AUTO
Wed Jan 19 05:08:18 EST 2005
Robin Becker <robin at SPAMREMOVEjessikat.fsnet.co.uk> writes:
>Paul Rubin wrote:
>.....I'm also missing the rotor module and regret that something useful
>was warned about and now removed with no plugin replacement.
Hm, yes. Here is a (rather slow) replacement:
"""This module is derived from Modules/rotormodule.c and translated
into Python. I have appended the Copyright by Lance Ellinghouse
below. The rotor module has been removed from the Python 2.4
distribution because
the rotor module uses an insecure algorithm and is deprecated.
==============================================================
Of course, this does still hold. However, I think this module might
be used and adapted for demonstration purposes and might help some
poor users who have encrypted (or obfuscated) some old stuff with
the rotor module and have no access to older Python versions any
more.
Documentation can be found in
Python Library Reference, Guido van Rossum, Fred L. Drake, Jr., editor,
PythonLabs, Release 2.3.4 May 20, 2004
<http://www.python.org/doc/2.3.4/lib/module-rotor.html>
#####################################################################
Copyright 1994 by Lance Ellinghouse,
Cathedral City, California Republic, United States of America.
All Rights Reserved
Permission to use, copy, modify, and distribute this software and its
documentation for any purpose and without fee is hereby granted,
provided that the above copyright notice appear in all copies and that
both that copyright notice and this permission notice appear in
supporting documentation, and that the name of Lance Ellinghouse
not be used in advertising or publicity pertaining to distribution
of the software without specific, written prior permission.
LANCE ELLINGHOUSE DISCLAIMS ALL WARRANTIES WITH REGARD TO
THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS, IN NO EVENT SHALL LANCE ELLINGHOUSE BE LIABLE FOR ANY SPECIAL,
INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#####################################################################
"""
class newrotor(object):
def __init__(self, key, n_rotors=6):
self.n_rotors = n_rotors
self.setkey(key)
def setkey(self, key):
self.key = key
self.rotors = None
self.positions = [None, None]
def encrypt(self, buf):
# Reset (encrypt) positions and encryptmore
self.positions[0] = None
return self.cryptmore(buf, 0)
def encryptmore(self, buf):
return self.cryptmore(buf, 0)
def decrypt(self, buf):
# Reset decrypt positions and decryptmore
self.positions[1] = None
return self.cryptmore(buf, 1)
def decryptmore(self, buf):
return self.cryptmore(buf, 1)
def cryptmore(self, buf, do_decrypt):
size, nr, rotors, pos = self.get_rotors(do_decrypt)
outbuf = []
append = outbuf.append
for c in map(ord, buf):
if do_decrypt:
# Apply decrypt rotors and xor in reverse order
for i in xrange(nr-1,-1,-1):
c = pos[i] ^ rotors[i][c]
else:
# Apply xor and ecrypt rotors
for i in xrange(nr):
c = rotors[i][c ^ pos[i]]
append(c)
# Advance rotors, i.e. add the (fixed) rotor increments to the
# variable rotor positions with carry.
# Note: In the C-implementation, the result of the carry addition
# was stored to an "unsigned char". Hence the next carry
# is lost if pos[i] == size-1 and pnew >= size.
# Masking with 0xff simulates this behavior.
#
pnew = 0 # (pnew >= size) works as "carry bit"
for i in xrange(nr):
pnew = ((pos[i] + (pnew >= size)) & 0xff) + rotors[i][size]
pos[i] = pnew % size
return ''.join(map(chr, outbuf))
def get_rotors(self, do_decrypt):
# Return a tuple (size, nr, rotors, positions) where
# - size is the rotor size (== 256, because of 8-bit bytes)
# - nr is the number of rotors.
# - rotors is a tuple of nr encrypt or nr decrypt rotors
# for do_decrypt == 0 or do_decrypt == 1 respectively.
# - postions is a list of nr "rotor positions".
#
# The rotors represent the static aspect of the rotor machine which
# is initially computed from key and fixed during en/decryption.
# A rotor is a random permutation of range(size) extended
# by an "increment value" in range(size).
#
# The followng statements hold for a tuple of encrypt rotors E and
# and the corresponding tuple of decrypt rotors D.
#
# D[i][E[i][j]] == j for i in range(nr) for j in range(size)
#
# E[i][D[i][j]] == j for i in range(nr) for j in range(size)
#
# This means that the corresponding rotors E[i] and D[i] are
# inverse permutations.
# The increments are equal for the corresponding encrypt and
# decrypt rotors and have an odd value:
#
# D[i][size] == E[i][size] and E[i][size] == 1 mod 2 and
# 0 < E[i][size] < size for i in range(nr)
#
# The position vector represents the dynamic aspect.
# It changes after each en/decrypted character (the rotors
# are "advanced"). The initial position vector is also computed
# from the key
#
nr = self.n_rotors
rotors = self.rotors
positions = self.positions[do_decrypt]
if positions is None:
if rotors:
positions = list(rotors[3])
else:
# Generate identity permutation for 8-bit bytes plus an
# (unused) increment value
self.size = size = 256
id_rotor = range(size+1)
# Generate nr "random" initial positions and "random"
# en/decrypt rotors from id_rotor.
#
rand = random_func(self.key)
E = []
D = []
positions = []
for i in xrange(nr):
i = size
positions.append(rand(i))
erotor = id_rotor[:]
drotor = id_rotor[:]
drotor[i] = erotor[i] = 1 + 2*rand(i/2) # increment
while i > 1:
r = rand(i)
i -= 1
er = erotor[r]
erotor[r] = erotor[i]
erotor[i] = er
drotor[er] = i
drotor[erotor[0]] = 0
E.append(tuple(erotor))
D.append(tuple(drotor))
self.rotors = rotors = (
tuple(E), tuple(D), size, tuple(positions))
self.positions[do_decrypt] = positions
return rotors[2], nr, rotors[do_decrypt], positions
def random_func(key):
# Generate a random number generator that is "seeded" from key.
# This algorithm is copied from Python2.3 randommodule.c.
#
mask = 0xffff
x=995
y=576
z=767
for c in map(ord, key):
x = (((x<<3 | x>>13) + c) & mask)
y = (((y<<3 | y>>13) ^ c) & mask)
z = (((z<<3 | z>>13) - c) & mask)
# Emulate (unintended?) cast to short
maxpos = mask >> 1
mask += 1
if x > maxpos: x -= mask
if y > maxpos: y -= mask
if z > maxpos: z -= mask
y |= 1 # avoid very bad seed, why not for x and z too?
# Oh, dear, for compatibility, we must evaluate the first seed transition
# the hard way, later it becomes much simpler
x = 171 * (x % 177) - 2 * (x/177)
y = 172 * (y % 176) - 35 * (y/176)
z = 170 * (z % 178) - 63 * (z/178)
if x < 0: x += 30269
if y < 0: y += 30307
if z < 0: z += 30323
# At least all values are > 0 by now but may be greater than expected ..
def rand(n, seed=[(x, y, z)]):
# Return a random number 0 <= r < n
#
x, y, z = seed[0]
seed[0] = ((171*x) % 30269, (172*y) % 30307, (170*z) % 30323)
return int((x/30269.0 + y/30307.0 + z/30323.0) * n) % n
# Original code was like this:
# from math import floor
# val = x/30269.0 + y/30307.0 + z/30323.0
# val = val - floor(val)
# if val >= 1.0:
# val = 0.0
# n = int(val*n) % n
return rand
More information about the Python-list
mailing list