Home Explore Help
Register Sign In
sanoh
/
G01_0374
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 8a9052ca6d
Branches Tags
G01_0374
/
venv_win32
/
Lib
/
site-packages
/
cryptography
/
hazmat
/
primitives
/
kdf
/
pbkdf2.py

pbkdf2.py 2.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. # This file is dual licensed under the terms of the Apache License, Version
    2. 

  2. # 2.0, and the BSD License. See the LICENSE file in the root of this repository
    3. 

  3. # for complete details.
    4. 

  4. 

  5. 

  6. import typing
    7. 

  7. 

  8. from cryptography import utils
    9. 

  9. from cryptography.exceptions import (
    10. 

  10.     AlreadyFinalized,
    11. 

  11.     InvalidKey,
    12. 

  12.     UnsupportedAlgorithm,
    13. 

  13.     _Reasons,
    14. 

  14. )
    15. 

  15. from cryptography.hazmat.backends import _get_backend
    16. 

  16. from cryptography.hazmat.backends.interfaces import Backend, PBKDF2HMACBackend
    17. 

  17. from cryptography.hazmat.primitives import constant_time, hashes
    18. 

  18. from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
    19. 

  19. 

  20. 

  21. class PBKDF2HMAC(KeyDerivationFunction):
    22. 

  22.     def __init__(
    23. 

  23.         self,
    24. 

  24.         algorithm: hashes.HashAlgorithm,
    25. 

  25.         length: int,
    26. 

  26.         salt: bytes,
    27. 

  27.         iterations: int,
    28. 

  28.         backend: typing.Optional[Backend] = None,
    29. 

  29.     ):
    30. 

  30.         backend = _get_backend(backend)
    31. 

  31.         if not isinstance(backend, PBKDF2HMACBackend):
    32. 

  32.             raise UnsupportedAlgorithm(
    33. 

  33.                 "Backend object does not implement PBKDF2HMACBackend.",
    34. 

  34.                 _Reasons.BACKEND_MISSING_INTERFACE,
    35. 

  35.             )
    36. 

  36. 

  37.         if not backend.pbkdf2_hmac_supported(algorithm):
    38. 

  38.             raise UnsupportedAlgorithm(
    39. 

  39.                 "{} is not supported for PBKDF2 by this backend.".format(
    40. 

  40.                     algorithm.name
    41. 

  41.                 ),
    42. 

  42.                 _Reasons.UNSUPPORTED_HASH,
    43. 

  43.             )
    44. 

  44.         self._used = False
    45. 

  45.         self._algorithm = algorithm
    46. 

  46.         self._length = length
    47. 

  47.         utils._check_bytes("salt", salt)
    48. 

  48.         self._salt = salt
    49. 

  49.         self._iterations = iterations
    50. 

  50.         self._backend = backend
    51. 

  51. 

  52.     def derive(self, key_material: bytes) -> bytes:
    53. 

  53.         if self._used:
    54. 

  54.             raise AlreadyFinalized("PBKDF2 instances can only be used once.")
    55. 

  55.         self._used = True
    56. 

  56. 

  57.         utils._check_byteslike("key_material", key_material)
    58. 

  58.         return self._backend.derive_pbkdf2_hmac(
    59. 

  59.             self._algorithm,
    60. 

  60.             self._length,
    61. 

  61.             self._salt,
    62. 

  62.             self._iterations,
    63. 

  63.             key_material,
    64. 

  64.         )
    65. 

  65. 

  66.     def verify(self, key_material: bytes, expected_key: bytes) -> None:
    67. 

  67.         derived_key = self.derive(key_material)
    68. 

  68.         if not constant_time.bytes_eq(derived_key, expected_key):
    69. 

  69.             raise InvalidKey("Keys do not match.")
    70.