首页 发现 帮助
注册 登录
dayuan
/
manyi
6
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: 34216f9fac
分支列表 标签列表
manyi
/
venv
/
Lib
/
site-packages
/
cryptography
/
hazmat
/
backends
/
openssl
/
poly1305.py

poly1305.py 2.4 KB
文件历史 原始文件

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. # This file is dual licensed under the terms of the Apache License, Version
    2. 

  2. # 2.0, and the BSD License. See the LICENSE file in the root of this repository
    3. 

  3. # for complete details.
    4. 

  4. 

  5. from __future__ import absolute_import, division, print_function
    6. 

  6. 

  7. 

  8. from cryptography.exceptions import InvalidSignature
    9. 

  9. from cryptography.hazmat.primitives import constant_time
    10. 

  10. 

  11. 

  12. _POLY1305_TAG_SIZE = 16
    13. 

  13. _POLY1305_KEY_SIZE = 32
    14. 

  14. 

  15. 

  16. class _Poly1305Context(object):
    17. 

  17.     def __init__(self, backend, key):
    18. 

  18.         self._backend = backend
    19. 

  19. 

  20.         key_ptr = self._backend._ffi.from_buffer(key)
    21. 

  21.         # This function copies the key into OpenSSL-owned memory so we don't
    22. 

  22.         # need to retain it ourselves
    23. 

  23.         evp_pkey = self._backend._lib.EVP_PKEY_new_raw_private_key(
    24. 

  24.             self._backend._lib.NID_poly1305,
    25. 

  25.             self._backend._ffi.NULL,
    26. 

  26.             key_ptr,
    27. 

  27.             len(key),
    28. 

  28.         )
    29. 

  29.         self._backend.openssl_assert(evp_pkey != self._backend._ffi.NULL)
    30. 

  30.         self._evp_pkey = self._backend._ffi.gc(
    31. 

  31.             evp_pkey, self._backend._lib.EVP_PKEY_free
    32. 

  32.         )
    33. 

  33.         ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
    34. 

  34.         self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
    35. 

  35.         self._ctx = self._backend._ffi.gc(
    36. 

  36.             ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
    37. 

  37.         )
    38. 

  38.         res = self._backend._lib.EVP_DigestSignInit(
    39. 

  39.             self._ctx,
    40. 

  40.             self._backend._ffi.NULL,
    41. 

  41.             self._backend._ffi.NULL,
    42. 

  42.             self._backend._ffi.NULL,
    43. 

  43.             self._evp_pkey,
    44. 

  44.         )
    45. 

  45.         self._backend.openssl_assert(res == 1)
    46. 

  46. 

  47.     def update(self, data):
    48. 

  48.         data_ptr = self._backend._ffi.from_buffer(data)
    49. 

  49.         res = self._backend._lib.EVP_DigestSignUpdate(
    50. 

  50.             self._ctx, data_ptr, len(data)
    51. 

  51.         )
    52. 

  52.         self._backend.openssl_assert(res != 0)
    53. 

  53. 

  54.     def finalize(self):
    55. 

  55.         buf = self._backend._ffi.new("unsigned char[]", _POLY1305_TAG_SIZE)
    56. 

  56.         outlen = self._backend._ffi.new("size_t *")
    57. 

  57.         res = self._backend._lib.EVP_DigestSignFinal(self._ctx, buf, outlen)
    58. 

  58.         self._backend.openssl_assert(res != 0)
    59. 

  59.         self._backend.openssl_assert(outlen[0] == _POLY1305_TAG_SIZE)
    60. 

  60.         return self._backend._ffi.buffer(buf)[: outlen[0]]
    61. 

  61. 

  62.     def verify(self, tag):
    63. 

  63.         mac = self.finalize()
    64. 

  64.         if not constant_time.bytes_eq(mac, tag):
    65. 

  65.             raise InvalidSignature("Value did not match computed tag.")
    66.