Created
April 22, 2015 00:07
-
-
Save wizardofozzie/7a6cd1c56d14ba4e3419 to your computer and use it in GitHub Desktop.
Pbkdf_two
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import hmac | |
import struct | |
def pbkdf2(password, salt, iters, keylen, digestmod): | |
"""Run the PBKDF2 (Password-Based Key Derivation Function 2) algorithm | |
and return the derived key. The arguments are: | |
password (bytes or bytearray) -- the input password | |
salt (bytes or bytearray) -- a cryptographic salt | |
iters (int) -- number of iterations | |
keylen (int) -- length of key to derive | |
digestmod -- a cryptographic hash function: either a module | |
supporting PEP 247, a hashlib constructor, or (in Python 3.4 | |
or later) the name of a hash function. | |
For example: | |
>>> import hashlib | |
>>> from binascii import hexlify, unhexlify | |
>>> password = b'Squeamish Ossifrage' | |
>>> salt = unhexlify(b'1234567878563412') | |
>>> hexlify(pbkdf2(password, salt, 500, 16, hashlib.sha1)) | |
b'9e8f1072bdf5ef042bd988c7da83e43b' | |
""" | |
h = hmac.new(password, digestmod=digestmod) | |
def prf(data): | |
hm = h.copy() | |
hm.update(data) | |
return bytearray(hm.digest()) | |
key = bytearray() | |
i = 1 | |
while len(key) < keylen: | |
T = U = prf(salt + struct.pack('>i', i)) | |
for _ in range(iters - 1): | |
U = prf(U) | |
T = bytearray(x ^ y for x, y in zip(T, U)) | |
key += T | |
i += 1 | |
return key[:keylen] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment