I'm trying to rewrite some JS (which uses the SJCL library) in Python using pycrypto. I'm having trouble figuring out how to implement the following code:
aes = new sjcl.cipher.aes( this.key );
bits = sjcl.codec.utf8String.toBits( text );
cipher = sjcl.mode.ccm.encrypt( aes, bits, iv );
cipherIV = sjcl.bitArray.concat( iv, cipher );
return sjcl.codec.base64.fromBits( cipherIV );
My issue isn't the crypto, but the way the library handles the fromBits conversions. According to the SJCL docs:
Most of our crypto primitives operate on arrays of 4-byte words internally, but many of them can take arguments that are not a multiple of 4 bytes. This library encodes arrays of bits (whose size need not be a multiple of 8 bits) as arrays of 32-bit words. The bits are packed, big-endian, into an array of words, 32 bits at a time. Since the words are double-precision floating point numbers, they fit some extra data. We use this (in a private, possibly-changing manner) to encode the number of bits actually present in the last word of the array.
To me this seems to imply that conversion to a bit array adds on some sort of additional information, which I am concerned will be prevalent during the concat operation. Additionally, after the concat, the result is returned as a base64 string. I am unsure of the proper 'struct' packing parameters to replicate this.
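Added example, not part of the original question and not SJCL's code: a Python model of the word packing the quoted documentation describes, showing that a bit-level concat followed by base64 of the bits present equals base64 of the raw bytes `iv + cipher`. The `TAG` position, all function names, and the IV and ciphertext bytes are assumptions constructed for this model.

```python
import base64

TAG = 1 << 40  # assumption of this model: where the last word's bit count is stored
# All function names below are hypothetical and belong to this model only.

def bit_length(words):
    """Bits actually present; an untagged last word counts as a full 32."""
    return (len(words) - 1) * 32 + ((words[-1] // TAG) or 32) if words else 0

def to_int(words):
    """Value of the bits present, with the length tag and zero padding removed."""
    n = 0
    for w in words:
        n = (n << 32) | (w % TAG)
    return n >> (len(words) * 32 - bit_length(words))

def from_int(n, nbits):
    """Pack nbits big-endian into 32-bit words, tagging a partial last word."""
    pad = -nbits % 32
    count = (nbits + pad) // 32
    n <<= pad
    words = [(n >> (32 * (count - 1 - i))) & 0xFFFFFFFF for i in range(count)]
    if pad:
        words[-1] += (32 - pad) * TAG
    return words

def to_bits(data):
    return from_int(int.from_bytes(data, "big"), len(data) * 8)

def concat(a, b):
    """Join at the bit level, so a's length tag and padding never reach the output."""
    return from_int((to_int(a) << bit_length(b)) | to_int(b),
                    bit_length(a) + bit_length(b))

def from_bits_base64(words):
    """Base64 of the bits present (byte-aligned input assumed)."""
    return base64.b64encode(to_int(words).to_bytes(bit_length(words) // 8, "big")).decode()

def plain_python(iv, cipher):
    """The same output with no word packing and no struct."""
    return base64.b64encode(iv + cipher).decode()

IV = bytes(range(13))       # constructed, 13 bytes so the last word is partial
CIPHER = b"constructed ct"  # constructed stand-in for the CCM output, 14 bytes

if __name__ == "__main__":
    print(to_bits(IV)[-1] // TAG)  # bit count carried by the partial last word
    print(from_bits_base64(concat(to_bits(IV), to_bits(CIPHER))) == plain_python(IV, CIPHER))
```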