2001-09-11 12:54:00 -03:00
|
|
|
"""HMAC (Keyed-Hashing for Message Authentication) Python module.
|
|
|
|
|
|
|
|
Implements the HMAC algorithm as described by RFC 2104.
|
|
|
|
"""
|
|
|
|
|
|
|
|
def _strxor(s1, s2):
|
|
|
|
"""Utility method. XOR the two strings s1 and s2 (must have same length).
|
|
|
|
"""
|
|
|
|
return "".join(map(lambda x, y: chr(ord(x) ^ ord(y)), s1, s2))
|
2001-09-17 23:26:39 -03:00
|
|
|
|
2001-11-02 17:49:20 -04:00
|
|
|
# The size of the digests returned by HMAC depends on the underlying
|
|
|
|
# hashing module used.
|
|
|
|
digest_size = None
|
|
|
|
|
2004-03-20 16:11:29 -04:00
|
|
|
# A unique object passed by HMAC.copy() to the HMAC constructor, in order
|
|
|
|
# that the latter return very quickly. HMAC("") in contrast is quite
|
|
|
|
# expensive.
|
|
|
|
_secret_backdoor_key = []
|
|
|
|
|
2001-09-11 12:54:00 -03:00
|
|
|
class HMAC:
|
|
|
|
"""RFC2104 HMAC class.
|
|
|
|
|
2001-11-02 17:49:20 -04:00
|
|
|
This supports the API for Cryptographic Hash Functions (PEP 247).
|
2001-09-17 23:26:39 -03:00
|
|
|
"""
|
2001-09-11 12:54:00 -03:00
|
|
|
|
|
|
|
def __init__(self, key, msg = None, digestmod = None):
|
|
|
|
"""Create a new HMAC object.
|
|
|
|
|
|
|
|
key: key for the keyed hash object.
|
|
|
|
msg: Initial input for the hash, if provided.
|
2005-08-21 15:45:59 -03:00
|
|
|
digestmod: A module supporting PEP 247. *OR*
|
|
|
|
A hashlib constructor returning a new hash object.
|
|
|
|
Defaults to hashlib.md5.
|
2001-09-11 12:54:00 -03:00
|
|
|
"""
|
2004-03-20 16:11:29 -04:00
|
|
|
|
|
|
|
if key is _secret_backdoor_key: # cheap
|
|
|
|
return
|
|
|
|
|
2002-05-31 14:49:10 -03:00
|
|
|
if digestmod is None:
|
2005-08-21 15:45:59 -03:00
|
|
|
import hashlib
|
|
|
|
digestmod = hashlib.md5
|
2001-09-11 12:54:00 -03:00
|
|
|
|
2005-08-21 15:45:59 -03:00
|
|
|
if callable(digestmod):
|
|
|
|
self.digest_cons = digestmod
|
|
|
|
else:
|
|
|
|
self.digest_cons = lambda d='': digestmod.new(d)
|
|
|
|
|
|
|
|
self.outer = self.digest_cons()
|
|
|
|
self.inner = self.digest_cons()
|
|
|
|
self.digest_size = self.inner.digest_size
|
2001-11-13 17:51:26 -04:00
|
|
|
|
2007-11-05 20:32:04 -04:00
|
|
|
if hasattr(self.inner, 'block_size'):
|
|
|
|
blocksize = self.inner.block_size
|
|
|
|
if blocksize < 16:
|
|
|
|
# Very low blocksize, most likely a legacy value like
|
|
|
|
# Lib/sha.py and Lib/md5.py have.
|
|
|
|
blocksize = 64
|
|
|
|
else:
|
|
|
|
blocksize = 64
|
|
|
|
|
2001-09-11 12:54:00 -03:00
|
|
|
ipad = "\x36" * blocksize
|
|
|
|
opad = "\x5C" * blocksize
|
|
|
|
|
|
|
|
if len(key) > blocksize:
|
2005-08-21 15:45:59 -03:00
|
|
|
key = self.digest_cons(key).digest()
|
2001-09-11 12:54:00 -03:00
|
|
|
|
|
|
|
key = key + chr(0) * (blocksize - len(key))
|
|
|
|
self.outer.update(_strxor(key, opad))
|
|
|
|
self.inner.update(_strxor(key, ipad))
|
2002-05-31 22:29:16 -03:00
|
|
|
if msg is not None:
|
2001-09-11 12:54:00 -03:00
|
|
|
self.update(msg)
|
|
|
|
|
|
|
|
## def clear(self):
|
|
|
|
## raise NotImplementedError, "clear() method not available in HMAC."
|
|
|
|
|
|
|
|
def update(self, msg):
|
|
|
|
"""Update this hashing object with the string msg.
|
|
|
|
"""
|
|
|
|
self.inner.update(msg)
|
|
|
|
|
|
|
|
def copy(self):
|
|
|
|
"""Return a separate copy of this hashing object.
|
|
|
|
|
|
|
|
An update to this copy won't affect the original object.
|
|
|
|
"""
|
2004-03-20 16:11:29 -04:00
|
|
|
other = HMAC(_secret_backdoor_key)
|
2005-08-21 15:45:59 -03:00
|
|
|
other.digest_cons = self.digest_cons
|
2004-03-20 16:11:29 -04:00
|
|
|
other.digest_size = self.digest_size
|
2001-11-02 17:49:20 -04:00
|
|
|
other.inner = self.inner.copy()
|
|
|
|
other.outer = self.outer.copy()
|
|
|
|
return other
|
2001-09-11 12:54:00 -03:00
|
|
|
|
|
|
|
def digest(self):
|
|
|
|
"""Return the hash value of this hashing object.
|
|
|
|
|
|
|
|
This returns a string containing 8-bit data. The object is
|
|
|
|
not altered in any way by this function; you can continue
|
|
|
|
updating the object after calling this function.
|
|
|
|
"""
|
|
|
|
h = self.outer.copy()
|
|
|
|
h.update(self.inner.digest())
|
|
|
|
return h.digest()
|
|
|
|
|
|
|
|
def hexdigest(self):
|
|
|
|
"""Like digest(), but returns a string of hexadecimal digits instead.
|
|
|
|
"""
|
Remove uses of the string and types modules:
x in string.whitespace => x.isspace()
type(x) in types.StringTypes => isinstance(x, basestring)
isinstance(x, types.StringTypes) => isinstance(x, basestring)
type(x) is types.StringType => isinstance(x, str)
type(x) == types.StringType => isinstance(x, str)
string.split(x, ...) => x.split(...)
string.join(x, y) => y.join(x)
string.zfill(x, ...) => x.zfill(...)
string.count(x, ...) => x.count(...)
hasattr(types, "UnicodeType") => try: unicode except NameError:
type(x) != types.TupleTuple => not isinstance(x, tuple)
isinstance(x, types.TupleType) => isinstance(x, tuple)
type(x) is types.IntType => isinstance(x, int)
Do not mention the string module in the rlcompleter docstring.
This partially applies SF patch http://www.python.org/sf/562373
(with basestring instead of string). (It excludes the changes to
unittest.py and does not change the os.stat stuff.)
2002-06-03 12:58:32 -03:00
|
|
|
return "".join([hex(ord(x))[2:].zfill(2)
|
2001-09-11 12:54:00 -03:00
|
|
|
for x in tuple(self.digest())])
|
|
|
|
|
|
|
|
def new(key, msg = None, digestmod = None):
|
|
|
|
"""Create a new hashing object and return it.
|
|
|
|
|
|
|
|
key: The starting key for the hash.
|
|
|
|
msg: if available, will immediately be hashed into the object's starting
|
2001-09-17 23:26:39 -03:00
|
|
|
state.
|
2001-09-11 12:54:00 -03:00
|
|
|
|
|
|
|
You can now feed arbitrary strings into the object using its update()
|
|
|
|
method, and can ask for the hash value at any time by calling its digest()
|
|
|
|
method.
|
|
|
|
"""
|
|
|
|
return HMAC(key, msg, digestmod)
|