本文整理汇总了Python中hmac.HMAC类的典型用法代码示例。如果您正苦于以下问题:Python HMAC类的具体用法?Python HMAC怎么用?Python HMAC使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了HMAC类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: encrypt_and_hmac
def encrypt_and_hmac(self, packet):
"""
Encrypts and signs a Packet() using self.SK_ei and self.SK_ai
:param packet: Unecrypted Packet() with one or more payloads.
:return: Encrypted and signed Packet() with a single payloads.SK
"""
final = Packet(exchange_type=packet.exchange_type, iSPI=packet.iSPI, rSPI=packet.rSPI, message_id=1)
# Set up crypto
iv = os.urandom(16)
ikecrypto = Camellia(self.SK_ei, iv)
ikehash = HMAC(self.SK_ai, digestmod=sha256)
logger.debug('IV: {}'.format(dump(iv)))
# Encrypt
plain = bytes(packet)[const.IKE_HEADER.size:]
ciphertext = ikecrypto.encrypt(plain)
sk = payloads.SK(next_payload=packet.payloads[0]._type, iv=iv, ciphertext=ciphertext)
final.add_payload(sk)
logger.debug(dump(bytes(final)))
# Sign
ikehash.update(bytes(final)[:-MACLEN])
mac = ikehash.digest()[:MACLEN]
sk.mac(mac)
logger.debug(dump(bytes(final)))
return bytes(final)示例2: db_create_header
def db_create_header(self, password, vault):
vault.f_tag = self.db_version_tag
vault.f_salt = vault.urandom(32)
vault.f_iter = 2048
# Database version 4 uses one master password which is random generated
# and secondary passwords to encrypt them.
# XXX What about master normal password ?
rand_p = random_password()
rand_p.password_length = 32
master_passwd = rand_p.generate_password()
stretched_master_password = vault._stretch_password(master_passwd, vault.f_salt, vault.f_iter)
vault.f_sha_ps = hashlib.sha256(stretched_master_password).digest()
cipher = TwofishECB(stretched_master_password)
vault.f_b1 = cipher.encrypt(vault.urandom(16))
vault.f_b2 = cipher.encrypt(vault.urandom(16))
vault.f_b3 = cipher.encrypt(vault.urandom(16))
vault.f_b4 = cipher.encrypt(vault.urandom(16))
key_k = cipher.decrypt(vault.f_b1) + cipher.decrypt(vault.f_b2)
key_l = cipher.decrypt(vault.f_b3) + cipher.decrypt(vault.f_b4)
vault.f_iv = vault.urandom(16)
hmac_checker = HMAC(key_l, "", hashlib.sha256)
# No records yet
vault.f_hmac = hmac_checker.digest()
# Encrypt master password with user one
stretched_user_pass = vault._stretch_password(password, vault.f_salt, vault.f_iter)
user_cipher = TwofishECB(stretched_user_pass)
self.db_v4_passwds = [{'auth': self.db_ptag[0], 'passwd': user_cipher.encrypt(stretched_master_password), 'orig': '1'}]示例3: _create_empty
def _create_empty(self, password):
assert type(password) != unicode
self.f_tag = "PWS3"
self.f_salt = Vault._urandom(32)
self.f_iter = 2048
stretched_password = self._stretch_password(password, self.f_salt, self.f_iter)
self.f_sha_ps = hashlib.sha256(stretched_password).digest()
cipher = TwofishECB(stretched_password)
self.f_b1 = cipher.encrypt(Vault._urandom(16))
self.f_b2 = cipher.encrypt(Vault._urandom(16))
self.f_b3 = cipher.encrypt(Vault._urandom(16))
self.f_b4 = cipher.encrypt(Vault._urandom(16))
key_k = cipher.decrypt(self.f_b1) + cipher.decrypt(self.f_b2)
key_l = cipher.decrypt(self.f_b3) + cipher.decrypt(self.f_b4)
self.f_iv = Vault._urandom(16)
hmac_checker = HMAC(key_l, "", hashlib.sha256)
cipher = TwofishCBC(key_k, self.f_iv)
# No records yet
self.f_hmac = hmac_checker.digest()示例4: __findHashedHostname
def __findHashedHostname(self,hostname):
for (key,salt,res) in self.hashes:
hmac = HMAC(salt, None, sha1)
hmac.update(hostname)
ours = hmac.digest()
if ours == res:
return self.hosts.get(key)
return None示例5: generate_signature
def generate_signature(self):
from hmac import HMAC
from hashlib import sha256
key = self.webhook.secret.encode("utf-8")
msg = self.payload.encode("utf-8")
mac = HMAC(key, msg, digestmod=sha256)
return "sha256=" + mac.hexdigest()示例6: encrypt_sign_bytes
def encrypt_sign_bytes(self, raw_msg, encode_func = base64.b64encode):
assert(type(raw_msg) == str)
## encrypt, then sign (HMAC = H((K ^ O) | H((K ^ I) | M)))
enc_msg = self.encrypt_encode_bytes(raw_msg, null_encode)
msg_mac = HMAC_FUNC(self.get_key(), enc_msg, HMAC_HASH)
msg_mac = encode_func(msg_mac.digest())
enc_msg = encode_func(enc_msg)
return (enc_msg, msg_mac)示例7: test_crypto_package_str
def test_crypto_package_str(self):
from Crypto.Hash import HMAC
hmac = HMAC.new("", digestmod=SHA1Hash())
self.assertEquals(hmac.hexdigest(), self.result['empty'])
#hex_string = binascii.hexlify(self.not_empty)
hmac = HMAC.new("key", digestmod=SHA1Hash())
hmac.update("The quick brown fox jumps over the lazy dog")
self.assertEquals(hmac.hexdigest(), self.result['not_empty'])示例8: _make_request
def _make_request(self, data):
bsecret = self._secret.encode('ascii')
sign = HMAC(bsecret, digestmod=sha512)
sign.update(data.encode('ascii'))
header = {
'Content-type': self.content_type,
'Key': self._key,
'Sign': sign.hexdigest()
}
return Request(self.base, data, header)示例9: _sign
def _sign(self, stringToSign):
"""
Sign a request using the secret key. Reference: U{http://docs.amazonwebservices.com/AmazonS3/latest/dev/RESTAuthentication.html}
@param stringToSign: the string to sign for the request
@type stringToSign: str
@return: Amazon S3-required HMAC signature
@rtype: str
"""
h=HMAC(self.secretKey, digestmod=sha1)
h.update(stringToSign)
return base64.b64encode(h.digest())示例10: shatest
def shatest(key, data, digest):
h = HMAC(key, data, digestmod=_hashlib.sha1)
assertEqual(h.hexdigest().upper(), digest.upper())
assertEqual(h.name, "hmac-sha1")
assertEqual(h.digest_size, 20)
assertEqual(h.block_size, 64)
h = HMAC(key, data, digestmod='sha1')
assertEqual(h.hexdigest().upper(), digest.upper())
assertEqual(h.name, "hmac-sha1")
assertEqual(h.digest_size, 20)
assertEqual(h.block_size, 64)示例11: sas
def sas(sbNamespace,sbEntityPath,sharedAccessKey,sharedAccessKeyName):
uri = "http://" + sbNamespace + ".servicebus.windows.net/" + sbEntityPath
encodedResourceUri = quote_plus(uri)
expireInSeconds = floor( time.time() + 300 + .5 )
plainSignature = encodedResourceUri + "\n" + str(expireInSeconds)
plainSignature = plainSignature.encode('utf-8')
signed_hmac_sha256 = HMAC(sharedAccessKey,plainSignature,sha256)
digest = signed_hmac_sha256.digest()
encoded_digest = b64encode(digest)
return "SharedAccessSignature sig=%s&se=%s&skn=%s&sr=%s" % (quote_plus(encoded_digest),expireInSeconds, sharedAccessKeyName, encodedResourceUri)示例12: make_signature
def make_signature(endpoint, force_ts=None):
#
# Pick a timestamp and perform the signature required.
#
assert endpoint[0] == '/' and 'api.coinkite.com' not in endpoint, \
"Expecting abs url, got: %s" % endpoint
ts = force_ts or datetime.datetime.utcnow().isoformat()
data = endpoint + "|" + ts
hm = HMAC(API_SECRET, msg=data, digestmod=sha256)
return hm.hexdigest(), ts示例13: compute_signature
def compute_signature(self, nb):
"""Compute a notebook's signature
by hashing the entire contents of the notebook via HMAC digest.
"""
hmac = HMAC(self.secret, digestmod=self.digestmod)
# don't include the previous hash in the content to hash
with signature_removed(nb):
# sign the whole thing
for b in yield_everything(nb):
hmac.update(b)
return hmac.hexdigest()示例14: hmactest
def hmactest(key, data, hexdigests):
hmac_name = "hmac-" + hash_name
h = HMAC(key, data, digestmod=hashfunc)
assertEqual(h.hexdigest().lower(), hexdigests[hashfunc])
assertEqual(h.name, hmac_name)
assertEqual(h.digest_size, digest_size)
assertEqual(h.block_size, block_size)
h = HMAC(key, data, digestmod=hash_name)
assertEqual(h.hexdigest().lower(), hexdigests[hashfunc])
assertEqual(h.name, hmac_name)
assertEqual(h.digest_size, digest_size)
assertEqual(h.block_size, block_size)示例15: verify_hmac
def verify_hmac(self, data):
"""
Verifies the HMAC signature of an encrypted (SK, 46) payload using self.SK_ar
:param data: bytes(payloads.SK())
:raise IkeError: if calculated signature does not match the one in the payload
"""
hmac = HMAC(self.SK_ar, digestmod=sha256)
hmac_theirs = data[-MACLEN:]
hmac.update(data[:-MACLEN])
hmac_ours = hmac.digest()[:MACLEN]
logger.debug('HMAC verify (ours){} (theirs){}'.format(
binascii.hexlify(hmac_ours), binascii.hexlify(hmac_theirs)))
if hmac_ours != hmac_theirs:
raise IkeError('HMAC verify failed')