def des_cbc_encrypt(key, value, iv=b'\x00' * 8, pad=b'\x00'):
"""performs des-cbc encryption, returns only last block.
this performs a specific DES-CBC encryption implementation
as needed by the Oracle10 hash. it probably won't be useful for
other purposes as-is.
input value is null-padded to multiple of 8 bytes.
:arg key: des key as bytes
:arg value: value to encrypt, as bytes.
:param iv: optional IV
:param pad: optional pad byte
:returns: last block of DES-CBC encryption of all ``value``'s byte blocks.
"""
value += pad * (-len(value) % 8) # null pad to multiple of 8
hash = iv # start things off
for offset in irange(0, len(value), 8):
chunk = xor_bytes(hash, value[offset:offset + 8])
hash = des_encrypt_block(key, chunk)
return hash
def des_cbc_encrypt(key, value, iv=b('\x00') * 8, pad=b('\x00')):
"""performs des-cbc encryption, returns only last block.
this performs a specific DES-CBC encryption implementation
as needed by the Oracle10 hash. it probably won't be useful for
other purposes as-is.
input value is null-padded to multiple of 8 bytes.
:arg key: des key as bytes
:arg value: value to encrypt, as bytes.
:param iv: optional IV
:param pad: optional pad byte
:returns: last block of DES-CBC encryption of all ``value``'s byte blocks.
"""
value += pad * (-len(value) % 8) # null pad to multiple of 8
hash = iv # start things off
for offset in irange(0,len(value),8):
chunk = xor_bytes(hash, value[offset:offset+8])
hash = des_encrypt_block(key, chunk)
return hash
def pbkdf2(secret, salt, rounds, keylen, prf="hmac-sha1"):
"""pkcs#5 password-based key derivation v2.0
:arg secret: passphrase to use to generate key
:arg salt: salt string to use when generating key
:param rounds: number of rounds to use to generate key
:arg keylen: number of bytes to generate
:param prf:
psuedo-random family to use for key strengthening.
this can be any string or callable accepted by :func:`get_prf`.
this defaults to ``hmac-sha1`` (the only prf explicitly listed in
the PBKDF2 specification)
:returns:
raw bytes of generated key
"""
#prepare secret & salt
if not isinstance(secret, bytes):
raise TypeError("secret must be bytes, not %s" % (type(secret),))
if not isinstance(salt, bytes):
raise TypeError("salt must be bytes, not %s" % (type(salt),))
#prepare rounds
if not isinstance(rounds, (int, long)):
raise TypeError("rounds must be an integer")
if rounds < 1:
raise ValueError("rounds must be at least 1")
#special case for m2crypto + hmac-sha1
if prf == "hmac-sha1" and _EVP:
#NOTE: doing check here, because M2crypto won't take longs (which this is, under 32bit)
if keylen > MAX_HMAC_SHA1_KEYLEN:
raise ValueError("key length too long")
#NOTE: M2crypto reliably segfaults for me if given keylengths
# larger than 40 (crashes at 41 on one system, 61 on another).
# so just avoiding it for longer calls.
if keylen < 41:
return _EVP.pbkdf2(secret, salt, rounds, keylen)
#resolve prf
encode_block, digest_size = get_prf(prf)
#figure out how many blocks we'll need
bcount = (keylen+digest_size-1)//digest_size
if bcount >= MAX_BLOCKS:
raise ValueError("key length to long")
#build up key from blocks
out = BytesIO()
write = out.write
for i in xrange(1,bcount+1):
block = tmp = encode_block(secret, salt + pack(">L", i))
#NOTE: could potentially unroll this loop somewhat for speed,
# or find some faster way to accumulate & xor tmp values together
j = 1
while j < rounds:
tmp = encode_block(secret, tmp)
block = xor_bytes(block, tmp)
j += 1
write(block)
#and done
return out.getvalue()[:keylen]
def pbkdf2(secret, salt, rounds, keylen, prf="hmac-sha1"):
"""pkcs#5 password-based key derivation v2.0
:arg secret: passphrase to use to generate key
:arg salt: salt string to use when generating key
:param rounds: number of rounds to use to generate key
:arg keylen: number of bytes to generate
:param prf:
psuedo-random family to use for key strengthening.
this can be any string or callable accepted by :func:`get_prf`.
this defaults to ``hmac-sha1`` (the only prf explicitly listed in
the PBKDF2 specification)
:returns:
raw bytes of generated key
"""
#prepare secret & salt
if not isinstance(secret, bytes):
raise TypeError("secret must be bytes, not %s" % (type(secret), ))
if not isinstance(salt, bytes):
raise TypeError("salt must be bytes, not %s" % (type(salt), ))
#prepare rounds
if not isinstance(rounds, (int, long)):
raise TypeError("rounds must be an integer")
if rounds < 1:
raise ValueError("rounds must be at least 1")
#special case for m2crypto + hmac-sha1
if prf == "hmac-sha1" and _EVP:
#NOTE: doing check here, because M2crypto won't take longs (which this is, under 32bit)
if keylen > MAX_HMAC_SHA1_KEYLEN:
raise ValueError("key length too long")
#NOTE: M2crypto reliably segfaults for me if given keylengths
# larger than 40 (crashes at 41 on one system, 61 on another).
# so just avoiding it for longer calls.
if keylen < 41:
return _EVP.pbkdf2(secret, salt, rounds, keylen)
#resolve prf
encode_block, digest_size = get_prf(prf)
#figure out how many blocks we'll need
bcount = (keylen + digest_size - 1) // digest_size
if bcount >= MAX_BLOCKS:
raise ValueError("key length to long")
#build up key from blocks
out = BytesIO()
write = out.write
for i in xrange(1, bcount + 1):
block = tmp = encode_block(secret, salt + pack(">L", i))
#NOTE: could potentially unroll this loop somewhat for speed,
# or find some faster way to accumulate & xor tmp values together
j = 1
while j < rounds:
tmp = encode_block(secret, tmp)
block = xor_bytes(block, tmp)
j += 1
write(block)
#and done
return out.getvalue()[:keylen]
