author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-01-06 17:55:27 -0600 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-01-06 18:55:27 -0500 |
commit | 858a429d88c7e35ecd224a98bfda2c3dd428ae1f (patch) | |
tree | a0770fc5150d2b9918a5b99b94c146051dc9ab1e | |
parent | 323f2ad66befb13ec3b31b5ab99c9448b9a6b067 (diff) | |
The HKDF limit is actually 255 * digest_length_in_bytes (#4037)
* The HKDF limit is actually 255 * digest_length_in_bytes
Previously we had a bug where we divided digest_size by 8...but
HashAlgorithm.digest_size is already in bytes.
* test longer output
* changelog
-rw-r--r-- | CHANGELOG.rst | 1 | ||||
-rw-r--r-- | src/cryptography/hazmat/primitives/kdf/hkdf.py | 2 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_hkdf.py | 22 |
3 files changed, 22 insertions, 3 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 5a256a25..5e0c0eb5 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -9,6 +9,7 @@ Changelog .. note:: This version is not yet released and is under active development. * **BACKWARDS INCOMPATIBLE:** Support for Python 2.6 has been dropped. +* Resolved a bug in ``HKDF`` that incorrectly constrained output size. * Added token rotation support to :doc:`Fernet </fernet>` with :meth:`~cryptography.fernet.MultiFernet.rotate`. diff --git a/src/cryptography/hazmat/primitives/kdf/hkdf.py b/src/cryptography/hazmat/primitives/kdf/hkdf.py index 964ac2cc..917b4e9c 100644 --- a/src/cryptography/hazmat/primitives/kdf/hkdf.py +++ b/src/cryptography/hazmat/primitives/kdf/hkdf.py @@ -67,7 +67,7 @@ class HKDFExpand(object): self._backend = backend - max_length = 255 * (algorithm.digest_size // 8) + max_length = 255 * algorithm.digest_size if length > max_length: raise ValueError( diff --git a/tests/hazmat/primitives/test_hkdf.py b/tests/hazmat/primitives/test_hkdf.py index a05fd752..5d2d1867 100644 --- a/tests/hazmat/primitives/test_hkdf.py +++ b/tests/hazmat/primitives/test_hkdf.py @@ -5,6 +5,7 @@ from __future__ import absolute_import, division, print_function import binascii +import os import pytest @@ -15,13 +16,15 @@ from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.kdf.hkdf import HKDF, HKDFExpand -from ...utils import raises_unsupported_algorithm +from ...utils import ( + load_nist_vectors, load_vectors_from_file, raises_unsupported_algorithm +) @pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHKDF(object): def test_length_limit(self, backend): - big_length = 255 * (hashes.SHA256().digest_size // 8) + 1 + big_length = 255 * hashes.SHA256().digest_size + 1 with pytest.raises(ValueError): HKDF( 
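Review bot: The corrected bound `max_length = 255 * algorithm.digest_size` in src/cryptography/hazmat/primitives/kdf/hkdf.py carries no comment recording the unit, which is exactly what the earlier `// 8` got wrong. I would add `# RFC 5869 section 2.3: L <= 255 * HashLen; digest_size is already in bytes, not bits` directly above it. The old bound was stricter than the RFC allows rather than looser, so it rejected valid lengths and never let over-long output through. The enclosing method of `HKDFExpand` starts and ends outside the hunk, so any other validation of `length` cannot be seen from here.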
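Review bot: `test_length_limit` in tests/hazmat/primitives/test_hkdf.py still asserts only that `255 * digest_size + 1` is rejected, and the old, too-small bound satisfied that as well, so this test alone would not have caught the bug. A companion check at the boundary would pin both sides: construct `HKDF(hashes.SHA256(), 255 * hashes.SHA256().digest_size, salt=None, info=None, backend=backend)` and expect no exception. The test body continues past the end of this hunk.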
@@ -153,6 +156,21 @@ class TestHKDF(object): assert hkdf.derive(b"\x01" * 16) == b"gJ\xfb{" + def test_derive_long_output(self, backend): + vector = load_vectors_from_file( + os.path.join("KDF", "hkdf-generated.txt"), load_nist_vectors + )[0] + hkdf = HKDF( + hashes.SHA256(), + int(vector["l"]), + salt=vector["salt"], + info=vector["info"], + backend=backend + ) + ikm = binascii.unhexlify(vector["ikm"]) + + assert hkdf.derive(ikm) == binascii.unhexlify(vector["okm"]) + @pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHKDFExpand(object): |
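Review bot: In `test_derive_long_output`, `salt=vector["salt"]` and `info=vector["info"]` are passed exactly as loaded, while `ikm` and `okm` go through `binascii.unhexlify`, so fields of the same vector are decoded inconsistently. If the first entry of `hkdf-generated.txt` has empty salt and info this is harmless, but a non-empty hex value would reach HKDF as ASCII text rather than decoded bytes; the vector file is not part of this commit view, so that is unconfirmed. I would write `salt=binascii.unhexlify(vector["salt"]),` and `info=binascii.unhexlify(vector["info"]),`. A line such as `assert int(vector["l"]) > 1020` would also record that the vector exceeds the old SHA-256 limit, so the test keeps exercising this fix if the file is regenerated.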