mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-26 01:18:28 +00:00
add trezor.crypto.pbkdf2
This commit is contained in:
parent
8b9f2a95b3
commit
5d929fba0e
44
src/tests/test_crypto_pbkdf2.py
Normal file
44
src/tests/test_crypto_pbkdf2.py
Normal file
@ -0,0 +1,44 @@
|
||||
import sys
|
||||
sys.path.append('..')
|
||||
sys.path.append('../lib')
|
||||
import unittest
|
||||
import trezor.utils
|
||||
|
||||
import trezor.crypto.hash
|
||||
import trezor.crypto.hmac
|
||||
import trezor.crypto.pbkdf2
|
||||
|
||||
class TestCryptoPbkdf2(unittest.TestCase):
|
||||
|
||||
# vectors from https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors
|
||||
def test_hmac_sha256(self):
|
||||
P = b'password'
|
||||
S = b'salt'
|
||||
k = trezor.crypto.pbkdf2.PBKDF2(P, S, 1, trezor.crypto.hash.sha256, trezor.crypto.hmac).read(32)
|
||||
self.assertEqual(k, trezor.utils.unhexlify('120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b'))
|
||||
k = trezor.crypto.pbkdf2.PBKDF2(P, S, 2, trezor.crypto.hash.sha256, trezor.crypto.hmac).read(32)
|
||||
self.assertEqual(k, trezor.utils.unhexlify('ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43'))
|
||||
k = trezor.crypto.pbkdf2.PBKDF2(P, S, 4096, trezor.crypto.hash.sha256, trezor.crypto.hmac).read(32)
|
||||
self.assertEqual(k, trezor.utils.unhexlify('c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a'))
|
||||
P = b'passwordPASSWORDpassword'
|
||||
S = b'saltSALTsaltSALTsaltSALTsaltSALTsalt'
|
||||
k = trezor.crypto.pbkdf2.PBKDF2(P, S, 4096, trezor.crypto.hash.sha256, trezor.crypto.hmac).read(40)
|
||||
self.assertEqual(k, trezor.utils.unhexlify('348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9'))
|
||||
|
||||
# vectors from https://stackoverflow.com/questions/15593184/pbkdf2-hmac-sha-512-test-vectors
|
||||
def test_hmac_sha512(self):
|
||||
P = b'password'
|
||||
S = b'salt'
|
||||
k = trezor.crypto.pbkdf2.PBKDF2(P, S, 1, trezor.crypto.hash.sha512, trezor.crypto.hmac).read(64)
|
||||
self.assertEqual(k, trezor.utils.unhexlify('867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d470a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce'))
|
||||
k = trezor.crypto.pbkdf2.PBKDF2(P, S, 2, trezor.crypto.hash.sha512, trezor.crypto.hmac).read(64)
|
||||
self.assertEqual(k, trezor.utils.unhexlify('e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e'))
|
||||
k = trezor.crypto.pbkdf2.PBKDF2(P, S, 4096, trezor.crypto.hash.sha512, trezor.crypto.hmac).read(64)
|
||||
self.assertEqual(k, trezor.utils.unhexlify('d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5'))
|
||||
P = b'passwordPASSWORDpassword'
|
||||
S = b'saltSALTsaltSALTsaltSALTsaltSALTsalt'
|
||||
k = trezor.crypto.pbkdf2.PBKDF2(P, S, 4096, trezor.crypto.hash.sha512, trezor.crypto.hmac).read(64)
|
||||
self.assertEqual(k, trezor.utils.unhexlify('8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8'))
|
||||
|
||||
if __name__ == '__main__':
|
||||
unittest.main()
|
@ -1,24 +1,24 @@
|
||||
class Hmac:
|
||||
def __init__(self, key, msg, digest_cons):
|
||||
self._digest_cons = digest_cons
|
||||
self._inner = digest_cons()
|
||||
self.digest_size = self._inner.digest_size
|
||||
self.block_size = self._inner.block_size
|
||||
def __init__(self, key, msg, digestmod):
|
||||
self.__digestmod = digestmod
|
||||
self.__inner = digestmod()
|
||||
self.digest_size = self.__inner.digest_size
|
||||
self.block_size = self.__inner.block_size
|
||||
if len(key) > self.block_size:
|
||||
key = digest_cons(key).digest()
|
||||
self._key = key + bytes(self.block_size - len(key))
|
||||
self._inner.update(bytes((x ^ 0x36) for x in self._key))
|
||||
key = digestmod(key).digest()
|
||||
self.__key = key + bytes(self.block_size - len(key))
|
||||
self.__inner.update(bytes((x ^ 0x36) for x in self.__key))
|
||||
if msg is not None:
|
||||
self.update(msg)
|
||||
|
||||
def update(self, msg):
|
||||
self._inner.update(msg)
|
||||
self.__inner.update(msg)
|
||||
|
||||
def digest(self):
|
||||
outer = self._digest_cons()
|
||||
outer.update(bytes((x ^ 0x5C) for x in self._key))
|
||||
outer.update(self._inner.digest())
|
||||
outer = self.__digestmod()
|
||||
outer.update(bytes((x ^ 0x5C) for x in self.__key))
|
||||
outer.update(self.__inner.digest())
|
||||
return outer.digest()
|
||||
|
||||
def new(key, msg, digest_cons):
|
||||
return Hmac(key, msg, digest_cons)
|
||||
def new(key, msg, digestmod):
|
||||
return Hmac(key, msg, digestmod)
|
||||
|
72
src/trezor/crypto/pbkdf2.py
Normal file
72
src/trezor/crypto/pbkdf2.py
Normal file
@ -0,0 +1,72 @@
|
||||
#
|
||||
# Copyright (C) 2007-2011 Dwayne C. Litzenberger <dlitz@dlitz.net>
|
||||
# Copyright (C) 2016 Pavol Rusnak <stick@gk2.sk>
|
||||
#
|
||||
# Permission is hereby granted, free of charge, to any person obtaining
|
||||
# a copy of this software and associated documentation files (the
|
||||
# "Software"), to deal in the Software without restriction, including
|
||||
# without limitation the rights to use, copy, modify, merge, publish,
|
||||
# distribute, sublicense, and/or sell copies of the Software, and to
|
||||
# permit persons to whom the Software is furnished to do so, subject to
|
||||
# the following conditions:
|
||||
#
|
||||
# The above copyright notice and this permission notice shall be
|
||||
# included in all copies or substantial portions of the Software.
|
||||
#
|
||||
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
||||
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
||||
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
||||
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
||||
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
||||
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
||||
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
#
|
||||
|
||||
from ustruct import pack
|
||||
|
||||
class PBKDF2(object):
|
||||
|
||||
def __init__(self, passphrase, salt, iterations, digestmodule, macmodule):
|
||||
self.__macmodule = macmodule
|
||||
self.__digestmodule = digestmodule
|
||||
self.__passphrase = passphrase
|
||||
self.__salt = salt
|
||||
self.__iterations = iterations
|
||||
self.__prf = self._pseudorandom
|
||||
self.__blockNum = 0
|
||||
self.__buf = b''
|
||||
self.closed = False
|
||||
|
||||
def _pseudorandom(self, key, msg):
|
||||
return self.__macmodule.new(key=key, msg=msg, digestmod=self.__digestmodule).digest()
|
||||
|
||||
def read(self, numbytes):
|
||||
if self.closed:
|
||||
raise ValueError('file-like object is closed')
|
||||
size = len(self.__buf)
|
||||
blocks = [self.__buf]
|
||||
i = self.__blockNum
|
||||
while size < numbytes:
|
||||
i += 1
|
||||
U = self.__prf(self.__passphrase, self.__salt + pack('!L', i))
|
||||
block = U
|
||||
for j in range(2, 1 + self.__iterations):
|
||||
U = self.__prf(self.__passphrase, U)
|
||||
block = bytes([x ^ y for (x, y) in zip(block, U)])
|
||||
blocks.append(block)
|
||||
size += len(block)
|
||||
buf = b''.join(blocks)
|
||||
retval = buf[:numbytes]
|
||||
self.__buf = buf[numbytes:]
|
||||
self.__blockNum = i
|
||||
return retval
|
||||
|
||||
def close(self):
|
||||
if not self.closed:
|
||||
del self.__passphrase
|
||||
del self.__salt
|
||||
del self.__iterations
|
||||
del self.__prf
|
||||
del self.__blockNum
|
||||
del self.__buf
|
||||
self.closed = True
|
Loading…
Reference in New Issue
Block a user