Home Explore Help
Register Sign In
sanoh
/
G01_0350
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 92685d12e3
Branches Tags
G01_0350
/
venv_win32
/
Lib
/
site-packages
/
cryptography
/
hazmat
/
primitives
/
kdf
/
x963kdf.py

x963kdf.py 2.4 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879 
  1. # This file is dual licensed under the terms of the Apache License, Version
    2. 

  2. # 2.0, and the BSD License. See the LICENSE file in the root of this repository
    3. 

  3. # for complete details.
    4. 

  4. 

  5. 

  6. import struct
    7. 

  7. import typing
    8. 

  8. 

  9. from cryptography import utils
    10. 

  10. from cryptography.exceptions import (
    11. 

  11.     AlreadyFinalized,
    12. 

  12.     InvalidKey,
    13. 

  13.     UnsupportedAlgorithm,
    14. 

  14.     _Reasons,
    15. 

  15. )
    16. 

  16. from cryptography.hazmat.backends import _get_backend
    17. 

  17. from cryptography.hazmat.backends.interfaces import Backend, HashBackend
    18. 

  18. from cryptography.hazmat.primitives import constant_time, hashes
    19. 

  19. from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
    20. 

  20. 

  21. 

  22. def _int_to_u32be(n):
    23. 

  23.     return struct.pack(">I", n)
    24. 

  24. 

  25. 

  26. class X963KDF(KeyDerivationFunction):
    27. 

  27.     def __init__(
    28. 

  28.         self,
    29. 

  29.         algorithm: hashes.HashAlgorithm,
    30. 

  30.         length: int,
    31. 

  31.         sharedinfo: typing.Optional[bytes],
    32. 

  32.         backend: typing.Optional[Backend] = None,
    33. 

  33.     ):
    34. 

  34.         backend = _get_backend(backend)
    35. 

  35. 

  36.         max_len = algorithm.digest_size * (2 ** 32 - 1)
    37. 

  37.         if length > max_len:
    38. 

  38.             raise ValueError(
    39. 

  39.                 "Cannot derive keys larger than {} bits.".format(max_len)
    40. 

  40.             )
    41. 

  41.         if sharedinfo is not None:
    42. 

  42.             utils._check_bytes("sharedinfo", sharedinfo)
    43. 

  43. 

  44.         self._algorithm = algorithm
    45. 

  45.         self._length = length
    46. 

  46.         self._sharedinfo = sharedinfo
    47. 

  47. 

  48.         if not isinstance(backend, HashBackend):
    49. 

  49.             raise UnsupportedAlgorithm(
    50. 

  50.                 "Backend object does not implement HashBackend.",
    51. 

  51.                 _Reasons.BACKEND_MISSING_INTERFACE,
    52. 

  52.             )
    53. 

  53.         self._backend = backend
    54. 

  54.         self._used = False
    55. 

  55. 

  56.     def derive(self, key_material: bytes) -> bytes:
    57. 

  57.         if self._used:
    58. 

  58.             raise AlreadyFinalized
    59. 

  59.         self._used = True
    60. 

  60.         utils._check_byteslike("key_material", key_material)
    61. 

  61.         output = [b""]
    62. 

  62.         outlen = 0
    63. 

  63.         counter = 1
    64. 

  64. 

  65.         while self._length > outlen:
    66. 

  66.             h = hashes.Hash(self._algorithm, self._backend)
    67. 

  67.             h.update(key_material)
    68. 

  68.             h.update(_int_to_u32be(counter))
    69. 

  69.             if self._sharedinfo is not None:
    70. 

  70.                 h.update(self._sharedinfo)
    71. 

  71.             output.append(h.finalize())
    72. 

  72.             outlen += len(output[-1])
    73. 

  73.             counter += 1
    74. 

  74. 

  75.         return b"".join(output)[: self._length]
    76. 

  76. 

  77.     def verify(self, key_material: bytes, expected_key: bytes) -> None:
    78. 

  78.         if not constant_time.bytes_eq(self.derive(key_material), expected_key):
    79. 

  79.             raise InvalidKey
    80.