diff options
author | Ayrx <terrycwk1994@gmail.com> | 2014-05-05 13:25:11 +0800 |
---|---|---|
committer | Ayrx <terrycwk1994@gmail.com> | 2014-05-05 14:18:34 +0800 |
commit | e9d22379dd246d88d483a010be5737718e700f9b (patch) | |
tree | 6bb560a96d8be7c864b69de511544acaaf2acbde | |
parent | 2c67edd301e445bf8f65bf026882f7927d48748b (diff) | |
download | cryptography-e9d22379dd246d88d483a010be5737718e700f9b.tar.gz cryptography-e9d22379dd246d88d483a010be5737718e700f9b.tar.bz2 cryptography-e9d22379dd246d88d483a010be5737718e700f9b.zip |
Added HKDFExpandOnly
-rw-r--r-- | cryptography/hazmat/primitives/kdf/hkdf.py | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/cryptography/hazmat/primitives/kdf/hkdf.py b/cryptography/hazmat/primitives/kdf/hkdf.py index 03500aaa..78c5bfc1 100644 --- a/cryptography/hazmat/primitives/kdf/hkdf.py +++ b/cryptography/hazmat/primitives/kdf/hkdf.py @@ -100,3 +100,25 @@ class HKDF(object): def verify(self, key_material, expected_key): if not constant_time.bytes_eq(self.derive(key_material), expected_key): raise InvalidKey + +@utils.register_interface(interfaces.KeyDerivationFunction) +class HKDFExpandOnly(HKDF): + def __init__(self, algorithm, length, info, backend): + HKDF.__init__(self, algorithm, length, None, info, backend) + + def derive(self, key_material): + if isinstance(key_material, six.text_type): + raise TypeError( + "Unicode-objects must be encoded before using them as key" + "material." + ) + + if self._used: + raise AlreadyFinalized + + self._used = True + return self._expand(key_material) + + def verify(self, key_material, expected_key): + if not constant_time.bytes_eq(self.derive(key_material), expected_key): + raise InvalidKey |