crypto: add utility for create hash chains (#52929)
This commit is contained in:
parent
afc6ecd8eb
commit
03a874be58
|
@ -24,6 +24,7 @@ from Cryptodome import Random
|
|||
from Cryptodome.Cipher import AES
|
||||
from Cryptodome.Hash import HMAC, SHA256
|
||||
from Cryptodome.Protocol.KDF import PBKDF2
|
||||
from django.conf import settings
|
||||
from django.utils.crypto import constant_time_compare
|
||||
from django.utils.encoding import force_bytes
|
||||
|
||||
|
@ -206,3 +207,17 @@ def check_hmac_url(key, url, signature):
|
|||
if hasattr(signature, 'decode'):
|
||||
signature = signature.decode()
|
||||
return constant_time_compare(signature, hmac_url(key, url).encode('ascii'))
|
||||
|
||||
|
||||
def hash_chain(n, seed=None, encoded_seed=None):
|
||||
'''Generate a chain of hashes'''
|
||||
if encoded_seed:
|
||||
seed = base64url_decode(encoded_seed.encode())
|
||||
if hasattr(seed, 'encode'):
|
||||
seed = seed.encode()
|
||||
if seed is None:
|
||||
seed = Random.get_random_bytes(16)
|
||||
chain = [seed]
|
||||
for dummy in range(n - 1):
|
||||
chain.append(hashlib.sha256(chain[-1] + settings.SECRET_KEY.encode()).digest())
|
||||
return [base64url_encode(x).decode('ascii') for x in chain]
|
||||
|
|
Loading…
Reference in New Issue