mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-25 17:09:44 +00:00
perf(core/extmod): replace HMAC Python implementation with C
We keep Python implementation of HMAC for Monero in core/src/apps/monero/xmr/crypto/__init__.py
This commit is contained in:
parent
2101ff8904
commit
d8534b5ee6
159
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-hmac.h
Normal file
159
core/embed/extmod/modtrezorcrypto/modtrezorcrypto-hmac.h
Normal file
@ -0,0 +1,159 @@
|
||||
/*
|
||||
* This file is part of the Trezor project, https://trezor.io/
|
||||
*
|
||||
* Copyright (c) SatoshiLabs
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include "py/objstr.h"
|
||||
|
||||
#include "hmac.h"
|
||||
#include "memzero.h"
|
||||
|
||||
#define SHA256 256
|
||||
#define SHA512 512
|
||||
|
||||
/// package: trezorcrypto.__init__
|
||||
|
||||
/// class hmac:
|
||||
/// """
|
||||
/// HMAC context.
|
||||
/// """
|
||||
/// SHA256: int
|
||||
/// SHA512: int
|
||||
typedef struct _mp_obj_Hmac_t {
|
||||
mp_obj_base_t base;
|
||||
union {
|
||||
HMAC_SHA256_CTX ctx256;
|
||||
HMAC_SHA512_CTX ctx512;
|
||||
};
|
||||
uint32_t hashtype;
|
||||
} mp_obj_Hmac_t;
|
||||
|
||||
STATIC mp_obj_t mod_trezorcrypto_Hmac_update(mp_obj_t self, mp_obj_t data);
|
||||
|
||||
/// def __init__(
|
||||
/// self,
|
||||
/// hashtype: int,
|
||||
/// key: bytes,
|
||||
/// message: bytes = None
|
||||
/// ) -> None:
|
||||
/// """
|
||||
/// Create a HMAC context.
|
||||
/// """
|
||||
STATIC mp_obj_t mod_trezorcrypto_Hmac_make_new(const mp_obj_type_t *type,
|
||||
size_t n_args, size_t n_kw,
|
||||
const mp_obj_t *args) {
|
||||
mp_arg_check_num(n_args, n_kw, 2, 3, false);
|
||||
mp_obj_Hmac_t *o = m_new_obj_with_finaliser(mp_obj_Hmac_t);
|
||||
o->base.type = type;
|
||||
|
||||
mp_buffer_info_t key = {0};
|
||||
mp_get_buffer_raise(args[1], &key, MP_BUFFER_READ);
|
||||
|
||||
if (key.len == 0) {
|
||||
key.buf = "";
|
||||
}
|
||||
|
||||
o->hashtype = trezor_obj_get_uint(args[0]);
|
||||
if (o->hashtype == SHA256) {
|
||||
hmac_sha256_Init(&(o->ctx256), key.buf, key.len);
|
||||
} else if (o->hashtype == SHA512) {
|
||||
hmac_sha512_Init(&(o->ctx512), key.buf, key.len);
|
||||
} else {
|
||||
mp_raise_ValueError("Invalid hashtype");
|
||||
}
|
||||
// constructor called with message as third parameter
|
||||
if (n_args > 2) {
|
||||
mod_trezorcrypto_Hmac_update(MP_OBJ_FROM_PTR(o), args[2]);
|
||||
}
|
||||
return MP_OBJ_FROM_PTR(o);
|
||||
}
|
||||
|
||||
/// def update(self, message: bytes) -> None:
|
||||
/// """
|
||||
/// Update a HMAC context.
|
||||
/// """
|
||||
STATIC mp_obj_t mod_trezorcrypto_Hmac_update(mp_obj_t self, mp_obj_t message) {
|
||||
mp_obj_Hmac_t *o = MP_OBJ_TO_PTR(self);
|
||||
mp_buffer_info_t msg = {0};
|
||||
mp_get_buffer_raise(message, &msg, MP_BUFFER_READ);
|
||||
if (o->hashtype == SHA256) {
|
||||
hmac_sha256_Update(&(o->ctx256), msg.buf, msg.len);
|
||||
} else if (o->hashtype == SHA512) {
|
||||
hmac_sha512_Update(&(o->ctx512), msg.buf, msg.len);
|
||||
} else {
|
||||
mp_raise_ValueError("Invalid hashtype");
|
||||
}
|
||||
return mp_const_none;
|
||||
}
|
||||
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_Hmac_update_obj,
|
||||
mod_trezorcrypto_Hmac_update);
|
||||
|
||||
/// def digest(self) -> bytes:
|
||||
/// """
|
||||
/// Return the digest of processed data so far.
|
||||
/// """
|
||||
STATIC mp_obj_t mod_trezorcrypto_Hmac_digest(mp_obj_t self) {
|
||||
mp_obj_Hmac_t *o = MP_OBJ_TO_PTR(self);
|
||||
vstr_t mac = {0};
|
||||
if (o->hashtype == SHA256) {
|
||||
HMAC_SHA256_CTX ctx = {0};
|
||||
memcpy(&ctx, &(o->ctx256), sizeof(HMAC_SHA256_CTX));
|
||||
vstr_init_len(&mac, SHA256_DIGEST_LENGTH);
|
||||
hmac_sha256_Final(&ctx, (uint8_t *)mac.buf);
|
||||
memzero(&ctx, sizeof(HMAC_SHA256_CTX));
|
||||
} else if (o->hashtype == SHA512) {
|
||||
HMAC_SHA512_CTX ctx = {0};
|
||||
memcpy(&ctx, &(o->ctx512), sizeof(HMAC_SHA512_CTX));
|
||||
vstr_init_len(&mac, SHA512_DIGEST_LENGTH);
|
||||
hmac_sha512_Final(&ctx, (uint8_t *)mac.buf);
|
||||
memzero(&ctx, sizeof(HMAC_SHA512_CTX));
|
||||
} else {
|
||||
mp_raise_ValueError("Invalid hashtype");
|
||||
}
|
||||
return mp_obj_new_str_from_vstr(&mp_type_bytes, &mac);
|
||||
}
|
||||
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Hmac_digest_obj,
|
||||
mod_trezorcrypto_Hmac_digest);
|
||||
|
||||
STATIC mp_obj_t mod_trezorcrypto_Hmac___del__(mp_obj_t self) {
|
||||
mp_obj_Hmac_t *o = MP_OBJ_TO_PTR(self);
|
||||
memzero(&(o->ctx256), sizeof(HMAC_SHA256_CTX));
|
||||
memzero(&(o->ctx512), sizeof(HMAC_SHA512_CTX));
|
||||
return mp_const_none;
|
||||
}
|
||||
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Hmac___del___obj,
|
||||
mod_trezorcrypto_Hmac___del__);
|
||||
|
||||
STATIC const mp_rom_map_elem_t mod_trezorcrypto_Hmac_locals_dict_table[] = {
|
||||
{MP_ROM_QSTR(MP_QSTR_update),
|
||||
MP_ROM_PTR(&mod_trezorcrypto_Hmac_update_obj)},
|
||||
{MP_ROM_QSTR(MP_QSTR_digest),
|
||||
MP_ROM_PTR(&mod_trezorcrypto_Hmac_digest_obj)},
|
||||
{MP_ROM_QSTR(MP_QSTR___del__),
|
||||
MP_ROM_PTR(&mod_trezorcrypto_Hmac___del___obj)},
|
||||
{MP_ROM_QSTR(MP_QSTR_SHA256), MP_ROM_INT(SHA256)},
|
||||
{MP_ROM_QSTR(MP_QSTR_SHA512), MP_ROM_INT(SHA512)},
|
||||
};
|
||||
STATIC MP_DEFINE_CONST_DICT(mod_trezorcrypto_Hmac_locals_dict,
|
||||
mod_trezorcrypto_Hmac_locals_dict_table);
|
||||
|
||||
STATIC const mp_obj_type_t mod_trezorcrypto_Hmac_type = {
|
||||
{&mp_type_type},
|
||||
.name = MP_QSTR_Hmac,
|
||||
.make_new = mod_trezorcrypto_Hmac_make_new,
|
||||
.locals_dict = (void *)&mod_trezorcrypto_Hmac_locals_dict,
|
||||
};
|
@ -36,6 +36,7 @@
|
||||
#include "modtrezorcrypto-curve25519.h"
|
||||
#include "modtrezorcrypto-ed25519.h"
|
||||
#include "modtrezorcrypto-groestl.h"
|
||||
#include "modtrezorcrypto-hmac.h"
|
||||
#include "modtrezorcrypto-nist256p1.h"
|
||||
#include "modtrezorcrypto-pbkdf2.h"
|
||||
#include "modtrezorcrypto-random.h"
|
||||
@ -77,6 +78,7 @@ STATIC const mp_rom_map_elem_t mp_module_trezorcrypto_globals_table[] = {
|
||||
MP_ROM_PTR(&mod_trezorcrypto_nist256p1_module)},
|
||||
{MP_ROM_QSTR(MP_QSTR_groestl512),
|
||||
MP_ROM_PTR(&mod_trezorcrypto_Groestl512_type)},
|
||||
{MP_ROM_QSTR(MP_QSTR_hmac), MP_ROM_PTR(&mod_trezorcrypto_Hmac_type)},
|
||||
#if !BITCOIN_ONLY
|
||||
{MP_ROM_QSTR(MP_QSTR_nem), MP_ROM_PTR(&mod_trezorcrypto_nem_module)},
|
||||
#endif
|
||||
|
@ -173,6 +173,35 @@ class groestl512:
|
||||
"""
|
||||
|
||||
|
||||
# extmod/modtrezorcrypto/modtrezorcrypto-hmac.h
|
||||
class hmac:
|
||||
"""
|
||||
HMAC context.
|
||||
"""
|
||||
SHA256: int
|
||||
SHA512: int
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
hashtype: int,
|
||||
key: bytes,
|
||||
message: bytes = None
|
||||
) -> None:
|
||||
"""
|
||||
Create a HMAC context.
|
||||
"""
|
||||
|
||||
def update(self, message: bytes) -> None:
|
||||
"""
|
||||
Update a HMAC context.
|
||||
"""
|
||||
|
||||
def digest(self) -> bytes:
|
||||
"""
|
||||
Return the digest of processed data so far.
|
||||
"""
|
||||
|
||||
|
||||
# extmod/modtrezorcrypto/modtrezorcrypto-pbkdf2.h
|
||||
class pbkdf2:
|
||||
"""
|
||||
|
@ -111,4 +111,4 @@ def get_identifier(script_pubkey: bytes, keychain: Keychain) -> bytes:
|
||||
node = keychain.derive_slip21(_OWNERSHIP_ID_KEY_PATH)
|
||||
|
||||
# id = HMAC-SHA256(key = k, msg = scriptPubKey)
|
||||
return hmac.Hmac(node.key(), script_pubkey, hashlib.sha256).digest()
|
||||
return hmac(hmac.SHA256, node.key(), script_pubkey).digest()
|
||||
|
@ -1,6 +1,6 @@
|
||||
from storage import cache, device
|
||||
from trezor import wire
|
||||
from trezor.crypto import bip32, hashlib, hmac
|
||||
from trezor.crypto import bip32, hmac
|
||||
|
||||
from . import mnemonic
|
||||
from .passphrase import get as get_passphrase
|
||||
@ -15,7 +15,7 @@ class Slip21Node:
|
||||
if data is not None:
|
||||
self.data = data
|
||||
elif seed is not None:
|
||||
self.data = hmac.new(b"Symmetric key seed", seed, hashlib.sha512).digest()
|
||||
self.data = hmac(hmac.SHA512, b"Symmetric key seed", seed).digest()
|
||||
else:
|
||||
raise ValueError # neither seed nor data specified
|
||||
|
||||
@ -24,7 +24,7 @@ class Slip21Node:
|
||||
|
||||
def derive_path(self, path: Slip21Path) -> None:
|
||||
for label in path:
|
||||
h = hmac.new(self.data[0:32], b"\x00", hashlib.sha512)
|
||||
h = hmac(hmac.SHA512, self.data[0:32], b"\x00")
|
||||
h.update(label)
|
||||
self.data = h.digest()
|
||||
|
||||
|
@ -1,6 +1,5 @@
|
||||
from trezor import wire
|
||||
from trezor.crypto import aes, hmac
|
||||
from trezor.crypto.hashlib import sha512
|
||||
from trezor.messages.CipheredKeyValue import CipheredKeyValue
|
||||
from trezor.ui.text import Text
|
||||
|
||||
@ -34,7 +33,7 @@ def compute_cipher_key_value(msg, seckey: bytes) -> bytes:
|
||||
data = msg.key
|
||||
data += "E1" if msg.ask_on_encrypt else "E0"
|
||||
data += "D1" if msg.ask_on_decrypt else "D0"
|
||||
data = hmac.new(seckey, data, sha512).digest()
|
||||
data = hmac(hmac.SHA512, seckey, data).digest()
|
||||
key = data[:32]
|
||||
if msg.iv and len(msg.iv) == 16:
|
||||
iv = msg.iv
|
||||
|
@ -7,7 +7,7 @@
|
||||
# https://tools.ietf.org/html/draft-josefsson-eddsa-ed25519-00#section-4
|
||||
# https://github.com/monero-project/research-lab
|
||||
|
||||
from trezor.crypto import hmac, monero as tcry, random
|
||||
from trezor.crypto import monero as tcry, random
|
||||
from trezor.crypto.hashlib import sha3_256
|
||||
|
||||
if False:
|
||||
@ -37,9 +37,27 @@ def keccak_2hash(inp, buff=None):
|
||||
return buff
|
||||
|
||||
|
||||
def compute_hmac(key, msg=None):
|
||||
h = hmac.new(key, msg=msg, digestmod=keccak_factory)
|
||||
return h.digest()
|
||||
def compute_hmac(key, msg):
|
||||
digestmod = keccak_factory
|
||||
inner = digestmod()
|
||||
block_size = inner.block_size
|
||||
if len(key) > block_size:
|
||||
key = digestmod(key).digest()
|
||||
key_block = bytearray(block_size)
|
||||
for i in range(block_size):
|
||||
key_block[i] = 0x36
|
||||
for i in range(len(key)):
|
||||
key_block[i] ^= key[i]
|
||||
inner.update(key_block)
|
||||
inner.update(msg)
|
||||
outer = digestmod()
|
||||
for i in range(block_size):
|
||||
key_block[i] = 0x5C
|
||||
for i in range(len(key)):
|
||||
key_block[i] ^= key[i]
|
||||
outer.update(key_block)
|
||||
outer.update(inner.digest())
|
||||
return outer.digest()
|
||||
|
||||
|
||||
#
|
||||
|
@ -394,7 +394,7 @@ class U2fCredential(Credential):
|
||||
keypath = ustruct.pack("<8L", *path)
|
||||
|
||||
# second half of keyhandle is a hmac of rp_id_hash and keypath
|
||||
mac = hmac.Hmac(self.node.private_key(), self.rp_id_hash, hashlib.sha256)
|
||||
mac = hmac(hmac.SHA256, self.node.private_key(), self.rp_id_hash)
|
||||
mac.update(keypath)
|
||||
|
||||
self.id = keypath + mac.digest()
|
||||
@ -453,7 +453,7 @@ class U2fCredential(Credential):
|
||||
node = seed.derive_node_without_passphrase(nodepath, "nist256p1")
|
||||
|
||||
# second half of keyhandle is a hmac of rp_id_hash and keypath
|
||||
mac = hmac.Hmac(node.private_key(), rp_id_hash, hashlib.sha256)
|
||||
mac = hmac(hmac.SHA256, node.private_key(), rp_id_hash)
|
||||
mac.update(keypath)
|
||||
|
||||
# verify the hmac
|
||||
|
@ -1796,7 +1796,7 @@ def cbor_get_assertion_hmac_secret(
|
||||
shared_secret = hashlib.sha256(ecdh_result[1:33]).digest()
|
||||
|
||||
# Check the authentication tag and decrypt the salt.
|
||||
tag = hmac.Hmac(shared_secret, salt_enc, hashlib.sha256).digest()[:16]
|
||||
tag = hmac(hmac.SHA256, shared_secret, salt_enc).digest()[:16]
|
||||
if not utils.consteq(tag, salt_auth):
|
||||
raise CborError(_ERR_EXTENSION_FIRST)
|
||||
salt = aes(aes.CBC, shared_secret).decrypt(salt_enc)
|
||||
@ -1808,9 +1808,9 @@ def cbor_get_assertion_hmac_secret(
|
||||
return None
|
||||
|
||||
# Compute the hmac-secret output.
|
||||
output = hmac.Hmac(cred_random, salt[:32], hashlib.sha256).digest()
|
||||
output = hmac(hmac.SHA256, cred_random, salt[:32]).digest()
|
||||
if len(salt) == 64:
|
||||
output += hmac.Hmac(cred_random, salt[32:], hashlib.sha256).digest()
|
||||
output += hmac(hmac.SHA256, cred_random, salt[32:]).digest()
|
||||
|
||||
# Encrypt the hmac-secret output.
|
||||
return aes(aes.CBC, shared_secret).encrypt(output)
|
||||
|
@ -3,7 +3,6 @@ from micropython import const
|
||||
import storage.device
|
||||
from trezor import fatfs
|
||||
from trezor.crypto import hmac
|
||||
from trezor.crypto.hashlib import sha256
|
||||
from trezor.sdcard import with_filesystem
|
||||
from trezor.utils import consteq
|
||||
|
||||
@ -26,7 +25,7 @@ def is_enabled() -> bool:
|
||||
|
||||
|
||||
def compute_auth_tag(salt: bytes, auth_key: bytes) -> bytes:
|
||||
digest = hmac.new(auth_key, salt, sha256).digest()
|
||||
digest = hmac(hmac.SHA256, auth_key, salt).digest()
|
||||
return digest[:SD_SALT_AUTH_TAG_LEN_BYTES]
|
||||
|
||||
|
||||
|
@ -4,6 +4,7 @@ from trezorcrypto import ( # noqa: F401
|
||||
bip39,
|
||||
chacha20poly1305,
|
||||
crc,
|
||||
hmac,
|
||||
pbkdf2,
|
||||
random,
|
||||
)
|
||||
|
@ -1,53 +0,0 @@
|
||||
if False:
|
||||
from typing import Protocol, Type
|
||||
|
||||
class HashContext(Protocol):
|
||||
|
||||
digest_size = -1 # type: int
|
||||
block_size = -1 # type: int
|
||||
|
||||
def __init__(self, data: bytes = None) -> None:
|
||||
...
|
||||
|
||||
def update(self, data: bytes) -> None:
|
||||
...
|
||||
|
||||
def digest(self) -> bytes:
|
||||
...
|
||||
|
||||
|
||||
class Hmac:
|
||||
def __init__(self, key: bytes, msg: bytes, digestmod: Type[HashContext]):
|
||||
self.digestmod = digestmod
|
||||
self.inner = digestmod()
|
||||
self.digest_size = self.inner.digest_size
|
||||
self.block_size = self.inner.block_size
|
||||
|
||||
if len(key) > self.block_size:
|
||||
key = digestmod(key).digest()
|
||||
self.key = key + bytes(self.block_size - len(key))
|
||||
self.inner.update(bytes((x ^ 0x36) for x in self.key))
|
||||
if msg is not None:
|
||||
self.update(msg)
|
||||
|
||||
def update(self, msg: bytes) -> None:
|
||||
"""
|
||||
Update the context with data.
|
||||
"""
|
||||
self.inner.update(msg)
|
||||
|
||||
def digest(self) -> bytes:
|
||||
"""
|
||||
Returns the digest of processed data.
|
||||
"""
|
||||
outer = self.digestmod()
|
||||
outer.update(bytes((x ^ 0x5C) for x in self.key))
|
||||
outer.update(self.inner.digest())
|
||||
return outer.digest()
|
||||
|
||||
|
||||
def new(key: bytes, msg: bytes, digestmod: Type[HashContext]) -> Hmac:
|
||||
"""
|
||||
Creates a HMAC context object.
|
||||
"""
|
||||
return Hmac(key, msg, digestmod)
|
@ -33,7 +33,7 @@ See https://github.com/satoshilabs/slips/blob/master/slip-0039.md.
|
||||
from micropython import const
|
||||
from trezorcrypto import shamir, slip39
|
||||
|
||||
from trezor.crypto import hashlib, hmac, pbkdf2, random
|
||||
from trezor.crypto import hmac, pbkdf2, random
|
||||
from trezor.errors import MnemonicError
|
||||
|
||||
if False:
|
||||
@ -479,9 +479,7 @@ def _get_salt(identifier: int) -> bytes:
|
||||
|
||||
|
||||
def _create_digest(random_data: bytes, shared_secret: bytes) -> bytes:
|
||||
return hmac.new(random_data, shared_secret, hashlib.sha256).digest()[
|
||||
:_DIGEST_LENGTH_BYTES
|
||||
]
|
||||
return hmac(hmac.SHA256, random_data, shared_secret).digest()[:_DIGEST_LENGTH_BYTES]
|
||||
|
||||
|
||||
def _split_secret(
|
||||
|
@ -1,7 +1,5 @@
|
||||
from common import *
|
||||
|
||||
from trezor.crypto import hashlib
|
||||
|
||||
from trezor.crypto import hmac
|
||||
|
||||
|
||||
@ -14,65 +12,65 @@ class TestCryptoHmac(unittest.TestCase):
|
||||
# case 1
|
||||
key = b'\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b'
|
||||
msg = b'Hi There'
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha256).digest(), unhexlify('b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7'))
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha512).digest(), unhexlify('87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854'))
|
||||
self.assertEqual(hmac(hmac.SHA256, key, msg).digest(), unhexlify('b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7'))
|
||||
self.assertEqual(hmac(hmac.SHA512, key, msg).digest(), unhexlify('87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854'))
|
||||
|
||||
# case 2
|
||||
key = b'Jefe'
|
||||
msg = b'what do ya want for nothing?'
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha256).digest(), unhexlify('5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843'))
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha512).digest(), unhexlify('164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737'))
|
||||
self.assertEqual(hmac(hmac.SHA256, key, msg).digest(), unhexlify('5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843'))
|
||||
self.assertEqual(hmac(hmac.SHA512, key, msg).digest(), unhexlify('164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737'))
|
||||
|
||||
# case 3
|
||||
key = b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'
|
||||
msg = b'\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd'
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha256).digest(), unhexlify('773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe'))
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha512).digest(), unhexlify('fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb'))
|
||||
self.assertEqual(hmac(hmac.SHA256, key, msg).digest(), unhexlify('773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe'))
|
||||
self.assertEqual(hmac(hmac.SHA512, key, msg).digest(), unhexlify('fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb'))
|
||||
|
||||
# case 4
|
||||
key = b'\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19'
|
||||
msg = b'\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd'
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha256).digest(), unhexlify('82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b'))
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha512).digest(), unhexlify('b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd'))
|
||||
self.assertEqual(hmac(hmac.SHA256, key, msg).digest(), unhexlify('82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b'))
|
||||
self.assertEqual(hmac(hmac.SHA512, key, msg).digest(), unhexlify('b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd'))
|
||||
|
||||
# case 6
|
||||
key = bytes([0xAA] * 131)
|
||||
msg = b'Test Using Larger Than Block-Size Key - Hash Key First'
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha256).digest(), unhexlify('60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54'))
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha512).digest(), unhexlify('80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598'))
|
||||
self.assertEqual(hmac(hmac.SHA256, key, msg).digest(), unhexlify('60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54'))
|
||||
self.assertEqual(hmac(hmac.SHA512, key, msg).digest(), unhexlify('80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598'))
|
||||
|
||||
# case 7
|
||||
key = bytes([0xAA] * 131)
|
||||
msg = b'This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.'
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha256).digest(), unhexlify('9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2'))
|
||||
self.assertEqual(hmac.new(key, msg, hashlib.sha512).digest(), unhexlify('e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58'))
|
||||
self.assertEqual(hmac(hmac.SHA256, key, msg).digest(), unhexlify('9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2'))
|
||||
self.assertEqual(hmac(hmac.SHA512, key, msg).digest(), unhexlify('e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58'))
|
||||
|
||||
def test_update(self):
|
||||
|
||||
# case 3
|
||||
key = b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'
|
||||
x = hmac.new(key, b'', hashlib.sha256)
|
||||
x = hmac(hmac.SHA256, key)
|
||||
for i in range(50):
|
||||
x.update(b'\xdd')
|
||||
self.assertEqual(x.digest(), unhexlify('773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe'))
|
||||
x = hmac.new(key, b'', hashlib.sha512)
|
||||
x = hmac(hmac.SHA512, key)
|
||||
for i in range(50):
|
||||
x.update(b'\xdd')
|
||||
self.assertEqual(x.digest(), unhexlify('fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb'))
|
||||
|
||||
# case 4
|
||||
key = b'\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19'
|
||||
x = hmac.new(key, b'', hashlib.sha256)
|
||||
x = hmac(hmac.SHA256, key)
|
||||
for i in range(50):
|
||||
x.update(b'\xcd')
|
||||
self.assertEqual(x.digest(), unhexlify('82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b'))
|
||||
x = hmac.new(key, b'', hashlib.sha512)
|
||||
x = hmac(hmac.SHA512, key)
|
||||
for i in range(50):
|
||||
x.update(b'\xcd')
|
||||
self.assertEqual(x.digest(), unhexlify('b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd'))
|
||||
|
||||
def test_digest_multi(self):
|
||||
x = hmac.new(b'', b'', hashlib.sha256)
|
||||
x = hmac(hmac.SHA256, b'')
|
||||
d0 = x.digest()
|
||||
d1 = x.digest()
|
||||
d2 = x.digest()
|
||||
|
Loading…
Reference in New Issue
Block a user