crypto: add utility for create hash chains (#52929)

2021-04-16 02:53:11 +02:00 · 2021-04-16 02:53:11 +02:00 · 03a874be58
parent afc6ecd8eb
commit 03a874be58
1 changed files with 15 additions and 0 deletions
--- a/src/authentic2/crypto.py
+++ b/src/authentic2/crypto.py
@ -24,6 +24,7 @@ from Cryptodome import Random
 from Cryptodome.Cipher import AES
 from Cryptodome.Hash import HMAC, SHA256
 from Cryptodome.Protocol.KDF import PBKDF2
+from django.conf import settings
 from django.utils.crypto import constant_time_compare
 from django.utils.encoding import force_bytes

@ -206,3 +207,17 @@ def check_hmac_url(key, url, signature):
    if hasattr(signature, 'decode'):
        signature = signature.decode()
    return constant_time_compare(signature, hmac_url(key, url).encode('ascii'))
+
+
+def hash_chain(n, seed=None, encoded_seed=None):
+    '''Generate a chain of hashes'''
+    if encoded_seed:
+        seed = base64url_decode(encoded_seed.encode())
+    if hasattr(seed, 'encode'):
+        seed = seed.encode()
+    if seed is None:
+        seed = Random.get_random_bytes(16)
+    chain = [seed]
+    for dummy in range(n - 1):
+        chain.append(hashlib.sha256(chain[-1] + settings.SECRET_KEY.encode()).digest())
+    return [base64url_encode(x).decode('ascii') for x in chain]