2020-05-19 13:34:16 +00:00
|
|
|
from typing import Any
|
|
|
|
|
2020-02-18 16:03:52 +00:00
|
|
|
from Crypto.Hash import (
|
|
|
|
SHA256 as _sha256,
|
|
|
|
SHA512 as _sha512,
|
|
|
|
)
|
|
|
|
from Crypto.Protocol.KDF import (
|
|
|
|
scrypt as _scrypt,
|
|
|
|
HKDF as _HKDF,
|
|
|
|
PBKDF2 as _PBKDF2,
|
|
|
|
)
|
|
|
|
from Crypto.Cipher import (
|
|
|
|
AES as _AES
|
|
|
|
)
|
|
|
|
|
2020-02-18 16:44:32 +00:00
|
|
|
|
2020-05-19 13:34:16 +00:00
|
|
|
def SHA256(x: bytes) -> bytes:
|
2020-02-18 16:03:52 +00:00
|
|
|
return _sha256.new(x).digest()
|
|
|
|
|
|
|
|
|
|
|
|
def scrypt(*, password: str, salt: str, n: int, r: int, p: int, dklen: int) -> bytes:
|
2020-09-24 13:38:39 +00:00
|
|
|
if n * r * p < 2**20: # 128 MB memory usage
|
|
|
|
raise ValueError("The Scrypt parameters chosen are not secure.")
|
2020-09-14 13:16:33 +00:00
|
|
|
if n >= 2**(128 * r / 8):
|
|
|
|
raise ValueError("The given `n` should be less than `2**(128 * r / 8)`."
|
|
|
|
f"\tGot `n={n}`, r={r}, 2**(128 * r / 8)={2**(128 * r / 8)}")
|
2020-02-18 16:03:52 +00:00
|
|
|
res = _scrypt(password=password, salt=salt, key_len=dklen, N=n, r=r, p=p)
|
|
|
|
return res if isinstance(res, bytes) else res[0] # PyCryptodome can return Tuple[bytes]
|
|
|
|
|
|
|
|
|
2020-06-26 14:10:19 +00:00
|
|
|
def PBKDF2(*, password: bytes, salt: bytes, dklen: int, c: int, prf: str) -> bytes:
|
2020-09-14 13:16:33 +00:00
|
|
|
if 'sha' not in prf:
|
|
|
|
raise ValueError(f"String 'sha' is not in `prf`({prf})")
|
2020-09-24 13:38:39 +00:00
|
|
|
if 'sha256' in prf and c < 2**18:
|
|
|
|
'''
|
|
|
|
Verify the number of rounds of SHA256-PBKDF2. SHA512 bot checked as use in BIP39
|
|
|
|
does not require and therefore doesn't use safe parameters (c=2048).
|
|
|
|
|
|
|
|
Ref: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#from-mnemonic-to-seed
|
|
|
|
'''
|
|
|
|
raise ValueError("The PBKDF2 parameters chosen are not secure.")
|
2020-02-18 16:03:52 +00:00
|
|
|
_hash = _sha256 if 'sha256' in prf else _sha512
|
2020-06-26 14:10:19 +00:00
|
|
|
res = _PBKDF2(password=password, salt=salt, dkLen=dklen, count=c, hmac_hash_module=_hash) # type: ignore
|
2020-02-18 16:03:52 +00:00
|
|
|
return res if isinstance(res, bytes) else res[0] # PyCryptodome can return Tuple[bytes]
|
|
|
|
|
|
|
|
|
2020-06-19 14:33:46 +00:00
|
|
|
def HKDF(*, salt: bytes, IKM: bytes, L: int, info: bytes=b'') -> bytes:
|
|
|
|
res = _HKDF(master=IKM, key_len=L, salt=salt, hashmod=_sha256, context=info)
|
2020-02-18 16:03:52 +00:00
|
|
|
return res if isinstance(res, bytes) else res[0] # PyCryptodome can return Tuple[bytes]
|
|
|
|
|
|
|
|
|
2020-05-19 13:34:16 +00:00
|
|
|
def AES_128_CTR(*, key: bytes, iv: bytes) -> Any:
|
2020-09-14 13:16:33 +00:00
|
|
|
if len(key) != 16:
|
|
|
|
raise ValueError(f"The key length should be 16. Got {len(key)}.")
|
2020-02-18 16:03:52 +00:00
|
|
|
return _AES.new(key=key, mode=_AES.MODE_CTR, initial_value=iv, nonce=b'')
|