使用python计算字符串的HMAC时出现问题

from hashlib import sha256 def string_to_decimal(string): res = '' for char in string: res += hex(ord(char))[2:] return int(res, 16) def decimal_to_string(number): hex_number = hex(number)[2:] hex_number = hex_number[::-1] res = '' for i in range(0, len(hex_number), 2): if i + 1 < len(hex_number): res += chr(int(hex_number[i + 1] + hex_number[i], 16)) else: res += chr(int(hex_number[i], 16)) return res[::-1] def calculate_ipad_opad(block_size, ipad, opad): res_ipad = 0 res_opad = 0 for i in range(block_size // 8): res_ipad = (res_ipad * 256) + ipad res_opad = (res_opad * 256) + opad return res_ipad, res_opad def integer_to_bytes(number): res = list() while number > 0: res.append(number % 256) number //= 256 return bytes(res[::-1]) block_size = 512 msg = 'The quick brown fox jumps over the lazy dog' key = 'key' ipad = 54 opad = 92 block_ipad, block_opad = calculate_ipad_opad(block_size, ipad, opad) key_decimal = string_to_decimal(key) si = key_decimal ^ block_ipad so = key_decimal ^ block_opad a = sha256(integer_to_bytes(so) + sha256(integer_to_bytes(si) + msg.encode()).digest()) print(a.digest())

1条回答

网友

1楼 · 发布于 2024-06-28 11:18:28

键的右侧必须填充0x00值，直到摘要的块大小（如果键大小小于块大小，这里就是这种情况）。您可以通过在return之前添加string_to_decimal()来实现这一点：

res = res.ljust(64 * 2, "0")

通过此更改，提供了预期的结果

对于实现，最好使用更详细的算法规范，例如FIPS PUB 198-1，而不是维基百科中的高度缩写描述。此外，如果申请官方test vectors，你是安全的

实际上不需要转换为十进制数，也就是说，可以直接使用类似字节的对象，这大大简化了实现：

from hashlib import sha256

msg = 'The quick brown fox jumps over the lazy dog'
key = 'key'

block_size_bytes = 64

block_opad_bytes = b'\x5c' * block_size_bytes
block_ipad_bytes = b'\x36' * block_size_bytes
key_bytes = key.encode().ljust(block_size_bytes, b'\0')

si_bytes = bytes([a ^ b for (a, b) in zip(block_ipad_bytes, key_bytes)]) 
so_bytes = bytes([a ^ b for (a, b) in zip(block_opad_bytes, key_bytes)]) 

a = sha256(so_bytes + sha256(si_bytes + msg.encode()).digest())

print(a.digest().hex()) # f7bc83f430538424b13298e6aa6fb143ef4d59a14946175997479dbc2d1a3cd8

相关问题更多 >

编程相关推荐

热门问题

热门文章