1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-14 03:30:02 +00:00

add trezor.crypto.hmac

This commit is contained in:
Pavol Rusnak 2016-04-14 18:40:13 +02:00
parent cbea384a79
commit 8b9f2a95b3
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
2 changed files with 109 additions and 0 deletions

View File

@ -0,0 +1,85 @@
import sys
sys.path.append('..')
sys.path.append('../lib')
import unittest
import trezor.utils
import trezor.crypto.hash
import trezor.crypto.hmac
class TestCryptoHmac(unittest.TestCase):
# vectors from https://tools.ietf.org/html/rfc4231
def test_digest(self):
# case 1
key = b'\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b'
msg = b'Hi There'
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha256).digest(), trezor.utils.unhexlify('b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7'))
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha512).digest(), trezor.utils.unhexlify('87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854'))
# case 2
key = b'Jefe'
msg = b'what do ya want for nothing?'
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha256).digest(), trezor.utils.unhexlify('5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843'))
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha512).digest(), trezor.utils.unhexlify('164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737'))
# case 3
key = b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'
msg = b'\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd'
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha256).digest(), trezor.utils.unhexlify('773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe'))
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha512).digest(), trezor.utils.unhexlify('fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb'))
# case 4
key = b'\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19'
msg = b'\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd'
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha256).digest(), trezor.utils.unhexlify('82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b'))
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha512).digest(), trezor.utils.unhexlify('b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd'))
# case 6
key = bytes([0xAA] * 131)
msg = b'Test Using Larger Than Block-Size Key - Hash Key First'
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha256).digest(), trezor.utils.unhexlify('60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54'))
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha512).digest(), trezor.utils.unhexlify('80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598'))
# case 7
key = bytes([0xAA] * 131)
msg = b'This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.'
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha256).digest(), trezor.utils.unhexlify('9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2'))
self.assertEqual(trezor.crypto.hmac.new(key, msg, trezor.crypto.hash.sha512).digest(), trezor.utils.unhexlify('e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58'))
def test_update(self):
# case 3
key = b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'
x = trezor.crypto.hmac.new(key, b'', trezor.crypto.hash.sha256)
for i in range(50):
x.update(b'\xdd')
self.assertEqual(x.digest(), trezor.utils.unhexlify('773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe'))
x = trezor.crypto.hmac.new(key, b'', trezor.crypto.hash.sha512)
for i in range(50):
x.update(b'\xdd')
self.assertEqual(x.digest(), trezor.utils.unhexlify('fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb'))
# case 4
key = b'\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19'
x = trezor.crypto.hmac.new(key, b'', trezor.crypto.hash.sha256)
for i in range(50):
x.update(b'\xcd')
self.assertEqual(x.digest(), trezor.utils.unhexlify('82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b'))
x = trezor.crypto.hmac.new(key, b'', trezor.crypto.hash.sha512)
for i in range(50):
x.update(b'\xcd')
self.assertEqual(x.digest(), trezor.utils.unhexlify('b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd'))
def test_digest_multi(self):
x = trezor.crypto.hmac.new(b'', b'', trezor.crypto.hash.sha256)
d0 = x.digest()
d1 = x.digest()
d2 = x.digest()
self.assertEqual(d0, d1)
self.assertEqual(d0, d2)
if __name__ == '__main__':
unittest.main()

24
src/trezor/crypto/hmac.py Normal file
View File

@ -0,0 +1,24 @@
class Hmac:
def __init__(self, key, msg, digest_cons):
self._digest_cons = digest_cons
self._inner = digest_cons()
self.digest_size = self._inner.digest_size
self.block_size = self._inner.block_size
if len(key) > self.block_size:
key = digest_cons(key).digest()
self._key = key + bytes(self.block_size - len(key))
self._inner.update(bytes((x ^ 0x36) for x in self._key))
if msg is not None:
self.update(msg)
def update(self, msg):
self._inner.update(msg)
def digest(self):
outer = self._digest_cons()
outer.update(bytes((x ^ 0x5C) for x in self._key))
outer.update(self._inner.digest())
return outer.digest()
def new(key, msg, digest_cons):
return Hmac(key, msg, digest_cons)