Posted at

Python: PKCS#5 v2.0 PBKDF2 (python-pbkdf2)

More than 5 years have passed since last update.

PKCS #5: PASSWORD-BASED CRYPTOGRAPHY STANDARD

インストール:

$ pip install pbkdf2

HMAC-SHA256で128ビットの派生キーを作って、コンテンツキーをAESでラップして相手に渡す。:


def test_pbes2(self):
# PBES2-HS256+A128KW

from pbkdf2 import PBKDF2
from Crypto import Random

klen = 16 # key length

# Sender ----
cek = Random.get_random_bytes(klen) # CEK
key = Random.get_random_bytes(klen) # shared key
p2s = Random.get_random_bytes(32) # salt
p2c = 4096 # iter count

from Crypto.Hash import HMAC, SHA256, SHA384, SHA512
# Derive shared key to KEK by Alice
kek_alice = PBKDF2(key, p2s, p2c,
digestmodule=SHA256,
macmodule=HMAC).read(klen)
self.assertEqual(len(kek_alice), klen)

# Wrap CEK to CEKCI with AES
from jose.jwa.aes import aes_key_wrap
cekci = aes_key_wrap(kek_alice, cek)

# Recepient ----
# 'key' has been shared before a session.
# 'p2s', 'p2c', and 'cekci' are delivered on a session

# Derive shared key to KEY by Bob
kek_bob = PBKDF2(key, p2s, p2c,
digestmodule=SHA256,
macmodule=HMAC).read(klen)
self.assertEqual(kek_alice, kek_bob)

# UnWrap CEKCI to CEK with AES
from jose.jwa.aes import aes_key_unwrap
cek_agreed = aes_key_unwrap(kek_bob, cekci)

self.assertEqual(cek, cek_agreed)