Hide keyboard shortcuts

Hot-keys on this page

r m x p   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

"""HMAC (Keyed-Hashing for Message Authentication) Python module. 

 

Implements the HMAC algorithm as described by RFC 2104. 

""" 

 

import warnings as _warnings 

from _operator import _compare_digest as compare_digest 

import hashlib as _hashlib 

 

trans_5C = bytes((x ^ 0x5C) for x in range(256)) 

trans_36 = bytes((x ^ 0x36) for x in range(256)) 

 

# The size of the digests returned by HMAC depends on the underlying 

# hashing module used. Use digest_size from the instance of HMAC instead. 

digest_size = None 

 

 

 

class HMAC: 

"""RFC 2104 HMAC class. Also complies with RFC 4231. 

 

This supports the API for Cryptographic Hash Functions (PEP 247). 

""" 

blocksize = 64 # 512-bit HMAC; can be changed in subclasses. 

 

def __init__(self, key, msg = None, digestmod = None): 

"""Create a new HMAC object. 

 

key: key for the keyed hash object. 

msg: Initial input for the hash, if provided. 

digestmod: A module supporting PEP 247. *OR* 

A hashlib constructor returning a new hash object. *OR* 

A hash name suitable for hashlib.new(). 

Defaults to hashlib.md5. 

Implicit default to hashlib.md5 is deprecated and will be 

removed in Python 3.6. 

 

Note: key and msg must be a bytes or bytearray objects. 

""" 

 

if not isinstance(key, (bytes, bytearray)): 

raise TypeError("key: expected bytes or bytearray, but got %r" % type(key).__name__) 

 

if digestmod is None: 

_warnings.warn("HMAC() without an explicit digestmod argument " 

"is deprecated.", PendingDeprecationWarning, 2) 

digestmod = _hashlib.md5 

 

if callable(digestmod): 

self.digest_cons = digestmod 

elif isinstance(digestmod, str): 

self.digest_cons = lambda d=b'': _hashlib.new(digestmod, d) 

else: 

self.digest_cons = lambda d=b'': digestmod.new(d) 

 

self.outer = self.digest_cons() 

self.inner = self.digest_cons() 

self.digest_size = self.inner.digest_size 

 

if hasattr(self.inner, 'block_size'): 

blocksize = self.inner.block_size 

if blocksize < 16: 

_warnings.warn('block_size of %d seems too small; using our ' 

'default of %d.' % (blocksize, self.blocksize), 

RuntimeWarning, 2) 

blocksize = self.blocksize 

else: 

_warnings.warn('No block_size attribute on given digest object; ' 

'Assuming %d.' % (self.blocksize), 

RuntimeWarning, 2) 

blocksize = self.blocksize 

 

# self.blocksize is the default blocksize. self.block_size is 

# effective block size as well as the public API attribute. 

self.block_size = blocksize 

 

if len(key) > blocksize: 

key = self.digest_cons(key).digest() 

 

key = key.ljust(blocksize, b'\0') 

self.outer.update(key.translate(trans_5C)) 

self.inner.update(key.translate(trans_36)) 

if msg is not None: 

self.update(msg) 

 

@property 

def name(self): 

return "hmac-" + self.inner.name 

 

def update(self, msg): 

"""Update this hashing object with the string msg. 

""" 

self.inner.update(msg) 

 

def copy(self): 

"""Return a separate copy of this hashing object. 

 

An update to this copy won't affect the original object. 

""" 

# Call __new__ directly to avoid the expensive __init__. 

other = self.__class__.__new__(self.__class__) 

other.digest_cons = self.digest_cons 

other.digest_size = self.digest_size 

other.inner = self.inner.copy() 

other.outer = self.outer.copy() 

return other 

 

def _current(self): 

"""Return a hash object for the current state. 

 

To be used only internally with digest() and hexdigest(). 

""" 

h = self.outer.copy() 

h.update(self.inner.digest()) 

return h 

 

def digest(self): 

"""Return the hash value of this hashing object. 

 

This returns a string containing 8-bit data. The object is 

not altered in any way by this function; you can continue 

updating the object after calling this function. 

""" 

h = self._current() 

return h.digest() 

 

def hexdigest(self): 

"""Like digest(), but returns a string of hexadecimal digits instead. 

""" 

h = self._current() 

return h.hexdigest() 

 

def new(key, msg = None, digestmod = None): 

"""Create a new hashing object and return it. 

 

key: The starting key for the hash. 

msg: if available, will immediately be hashed into the object's starting 

state. 

 

You can now feed arbitrary strings into the object using its update() 

method, and can ask for the hash value at any time by calling its digest() 

method. 

""" 

return HMAC(key, msg, digestmod)