def get_sharedkey(a, B):
# Alice Computes Shared Secret: s = B^a mod p
x = pow(B, a, sharedPrime)
aKDF = Hkdf(None, str(x).encode(), hash=hashlib.sha512)
aKey = aKDF.expand(b"context1", 32)
return x, aKey
def test_vectors(self):
for vector in HKDF_TEST_VECTORS:
salt = unhexlify(vector["salt"].encode("ascii"))
IKM = unhexlify(vector["IKM"].encode("ascii"))
info = unhexlify(vector["info"].encode("ascii"))
h = Hkdf(salt=salt, input_key_material=IKM, hash=sha256)
digest = h.expand(info, vector["L"])
self.assertEqual(digest, myHKDF(IKM, vector["L"], salt, info))
#print(hexlify(digest))
expected = vector["OKM"].encode("ascii")
self.assertEqual(hexlify(digest), expected, vector)
def test_vectors(self):
for vector in HKDF_TEST_VECTORS:
salt = unhexlify(vector["salt"].encode("ascii"))
IKM = unhexlify(vector["IKM"].encode("ascii"))
info = unhexlify(vector["info"].encode("ascii"))
h = Hkdf(salt=salt, input_key_material=IKM, hash=sha256)
digest = h.expand(info, vector["L"])
self.assertEqual(digest, myHKDF(IKM, vector["L"], salt, info))
#print(hexlify(digest))
expected = vector["OKM"].encode("ascii")
self.assertEqual(hexlify(digest), expected, vector)
def deriveSecrets(self, inputKeyMaterial, salt, info):
from hkdf import Hkdf
if salt == None:
salt = b"\x00" * self.HASH_OUTPUT_SIZE
tshkdf = Hkdf(salt, inputKeyMaterial)
okm = tshkdf.expand(info, self.KEY_MATERIAL_SIZE)
cipherKey = okm[self.CIPHER_KEYS_OFFSET:self.HASH_OUTPUT_SIZE]
macKey = okm[self.MAC_KEYS_OFFSET:self.MAC_KEYS_OFFSET + self.HASH_OUTPUT_SIZE]
return ( cipherKey, macKey )
def deriveSecrets(self, inputKeyMaterial, salt, info):
from hkdf import Hkdf
if salt == None:
salt = b"\x00" * self.HASH_OUTPUT_SIZE
tshkdf = Hkdf(salt, inputKeyMaterial)
okm = tshkdf.expand(info, self.KEY_MATERIAL_SIZE)
cipherKey = okm[self.CIPHER_KEYS_OFFSET:self.HASH_OUTPUT_SIZE]
macKey = okm[self.MAC_KEYS_OFFSET:self.MAC_KEYS_OFFSET +
self.HASH_OUTPUT_SIZE]
return (cipherKey, macKey)
def expand_arbitrary_element_seed(data, num_bytes):
h = Hkdf(salt=b"", input_key_material=data, hash=hashlib.sha256)
info = b"SPAKE2 arbitrary element"
return h.expand(info, num_bytes)
def expand_password(data, num_bytes):
h = Hkdf(salt=b"", input_key_material=data, hash=hashlib.sha256)
info = b"SPAKE2 pw"
return h.expand(info, num_bytes)
def expand_arbitrary_element_seed(data, num_bytes):
h = Hkdf(salt=b"", input_key_material=data, hash=hashlib.sha256)
info = b"SPAKE2 arbitrary element"
return h.expand(info, num_bytes)
def expand_password(data, num_bytes):
h = Hkdf(salt=b"", input_key_material=data, hash=hashlib.sha256)
info = b"SPAKE2 pw"
return h.expand(info, num_bytes)