def _getMAC(self, mac, key):
"""
Gets a 4-tuple representing the message authentication code.
(<hash module>, <inner hash value>, <outer hash value>,
<digest size>)
@type mac: L{bytes}
@param mac: a key mapping into macMap
@type key: L{bytes}
@param key: the MAC key.
@rtype: L{bytes}
@return: The MAC components.
"""
mod = self.macMap[mac]
if not mod:
return (None, b'', b'', 0)
# With stdlib we can only get attributes fron an instantiated object.
hashObject = mod()
digestSize = hashObject.digest_size
blockSize = hashObject.block_size
# Truncation here appears to contravene RFC 2104, section 2. However,
# implementing the hashing behavior prescribed by the RFC breaks
# interoperability with OpenSSH (at least version 5.5p1).
key = key[:digestSize] + (b'\x00' * (blockSize - digestSize))
i = key.translate(hmac.trans_36)
o = key.translate(hmac.trans_5C)
result = _MACParams((mod, i, o, digestSize))
result.key = key
return result
评论列表
文章目录
