Package documentation

XTEA-Cipher in Python (eXtended Tiny Encryption Algorithm)

XTEA is a block cipher with 8 bytes block size and 16 bytes key size (128-Bit). This implementation supports following modes of operation: ECB, CBC, CFB, OFB, CTR

Example:

>>> from xtea import *
>>> from binascii import hexlify
>>> key = b" "*16  # Never use this key
>>> text = b"This is a text. "
>>> # Use a unique IV each time
>>> x = new(key, mode=MODE_OFB, IV=b"12345678")  # IV's must be unpredictable
>>> c = x.encrypt(text)
>>> hexlify(c).decode()
'fa66ec11b82e38bc77c14be093bb8aa0'
>>> text == new(key, mode=MODE_OFB, IV=b"12345678").decrypt(c)
True

Warning

This module is a low level library.

xtea.key_size = 16

Key size of XTEA in bytes

Changed in version 0.7.0: This constant is measured in bytes now.

xtea.block_size = 8

Block size of XTEA in bytes

Changed in version 0.7.0: This constant is measured in bytes now.

xtea.MODE_ECB = 1

Constant for Electronic Codebook mode of operation.

xtea.MODE_CBC = 2

Constant for Cipher Block Chaining mode of operation.

xtea.MODE_CFB = 3

Constant for Cipher Feedback mode of operation.

xtea.MODE_PGP = 4

Constant for PGP mode of operation. This mode is not implemented yet.

xtea.MODE_OFB = 5

Constant for Output Feedback of operation.

xtea.MODE_CTR = 6

Constant for Counter mode of operation

Functions

xtea.new(key, **kwargs)

Create an “XTEACipher” object.

It’s fully PEP-272 compliant, default mode is ECB.

Parameters:
  • key (bytes) – The key for encryption/decryption. Must be 16 in length.
  • mode (int) –

    Mode of operation, must be one of this:

    1 = ECB
    2 = CBC
    3 = CFB
    5 = OFB
    6 = CTR
    
  • **kwargs – See below
Keyword arguments:
 
  • IV or iv (bytes):

    Initialization vector with 8 bytes in length. For security reasons it should be unpredictable and must never be used twice for the same key!.

    Required for: CBC, CFB and OFB mode of operation.

  • counter (callable):

    Callable counter which returns 8 bytes each call. For security reasons the counter must not have the same output twice.

    Required for: CTR mode of operation.

    Changed in version 0.5.0: Integers instead of callable objects are not accepted anymore.

  • segment_size (int):

    The segment size for one encryption “segment” in CFB mode in bits. It must be a multiple of 8 and between 8 and 64.

    Required for: CFB mode.

  • endian (str): Endianess of internal conversions.

    Defaults to “!” meaning big endian.

    See also

    Standard library’s struct

  • rounds (int or float):

    Rounds of the xtea cipher, defaults to 64.

Classes

class xtea.XTEACipher(key, mode=None, **kwargs)

The cipher class, mostly PEP-272 compatible.

Variables:
  • block_size – Block size in bytes
  • IV – Initialization vector used at class instantiation. Contrary to PEP-272 it does not update its value after encryption. The updated value is currently stored at _status.

Create an “XTEACipher” object.

It’s fully PEP-272 compliant, default mode is ECB.

Parameters:
  • key (bytes) – The key for encryption/decryption. Must be 16 in length.
  • mode (int) –

    Mode of operation, must be one of this:

    1 = ECB
    2 = CBC
    3 = CFB
    5 = OFB
    6 = CTR
    
  • **kwargs – See below
Keyword arguments:
 
  • IV or iv (bytes):

    Initialization vector with 8 bytes in length. For security reasons it should be unpredictable and must never be used twice for the same key!.

    Required for: CBC, CFB and OFB mode of operation.

  • counter (callable):

    Callable counter which returns 8 bytes each call. For security reasons the counter must not have the same output twice.

    Required for: CTR mode of operation.

    Changed in version 0.5.0: Integers instead of callable objects are not accepted anymore.

  • segment_size (int):

    The segment size for one encryption “segment” in CFB mode in bits. It must be a multiple of 8 and between 8 and 64.

    Required for: CFB mode.

  • endian (str): Endianess of internal conversions.

    Defaults to “!” meaning big endian.

    See also

    Standard library’s struct

  • rounds (int or float):

    Rounds of the xtea cipher, defaults to 64.

encrypt(string)

Encrypt data with the key and the parameters set at initialization.

The cipher object is stateful; encryption of a long block of data can be broken up in two or more calls to encrypt(). That is, the statement:

>>> c.encrypt(a) + c.encrypt(b)

is always equivalent to:

>>> c.encrypt(a+b)

That also means that you cannot reuse an object for encrypting or decrypting other data with the same key.

This function does not perform any padding.

  • For MODE_ECB, MODE_CBC string length (in bytes) must be a multiple of block_size.
  • For MODE_CFB, string length (in bytes) must be a multiple of segment_size/8.
  • For MODE_CTR and MODE_OFB, string can be of any length.
Parameters:

string (bytes) – The piece of data to encrypt.

Raises:
  • ValueError – When a mode of operation has be requested this code cannot handle.
  • ValueError – When len(string) has a wrong length, as described above.
  • TypeError – When the counter callable in CTR returns data with the wrong length.
Returns:

The encrypted data, as a byte string. It is as long as string.

Return type:

bytes

decrypt(string)

Decrypt data with the key and the parameters set at initialization.

The cipher object is stateful; decryption of a long block of data can be broken up in two or more calls to decrypt(). That is, the statement:

>>> c.decrypt(a) + c.decrypt(b)

is always equivalent to:

>>> c.decrypt(a+b)

That also means that you cannot reuse an object for encrypting or decrypting other data with the same key.

This function does not perform any padding.

  • For MODE_ECB, MODE_CBC string length (in bytes) must be a multiple of block_size.
  • For MODE_CFB, string length (in bytes) must be a multiple of segment_size/8.
  • For MODE_CTR and MODE_OFB, string can be of any length.
Parameters:

string (bytes) – The piece of data to decrypt.

Raises:
  • ValueError – When a mode of operation has be requested this code cannot handle.
  • ValueError – When len(string) has a wrong length, as described above.
  • TypeError – When the counter in CTR returns data of the wrong length.
Returns:

The decrypted data, as a byte string. It is as long as string.

Return type:

bytes