Funktionierender Prototyp des Serious Games zur Vermittlung von Wissen zu Software-Engineering-Arbeitsmodellen.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

_wallet.py 3.7KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111
  1. ###############################################################################
  2. #
  3. # The MIT License (MIT)
  4. #
  5. # Copyright (c) typedef int GmbH
  6. #
  7. # Permission is hereby granted, free of charge, to any person obtaining a copy
  8. # of this software and associated documentation files (the "Software"), to deal
  9. # in the Software without restriction, including without limitation the rights
  10. # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  11. # copies of the Software, and to permit persons to whom the Software is
  12. # furnished to do so, subject to the following conditions:
  13. #
  14. # The above copyright notice and this permission notice shall be included in
  15. # all copies or substantial portions of the Software.
  16. #
  17. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18. # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  19. # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  20. # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  21. # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  22. # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  23. # THE SOFTWARE.
  24. #
  25. ###############################################################################
  26. import hashlib
  27. from typing import Optional
  28. import argon2
  29. import hkdf
  30. def stretch_argon2_secret(email: str, password: str, salt: Optional[bytes] = None) -> bytes:
  31. """
  32. Compute argon2id based secret from user email and password only. This uses Argon2id
  33. for stretching a potentially weak user password/PIN and subsequent HKDF based key
  34. extending to derive private key material (PKM) for different usage contexts.
  35. The Argon2 parameters used are the following:
  36. * kdf ``argon2id-13``
  37. * time cost ``4096``
  38. * memory cost ``512``
  39. * parallelism ``1``
  40. See `draft-irtf-cfrg-argon2 <https://datatracker.ietf.org/doc/draft-irtf-cfrg-argon2/>`__ and
  41. `argon2-cffi <https://argon2-cffi.readthedocs.io/en/stable/>`__.
  42. :param email: User email.
  43. :param password: User password.
  44. :param salt: Optional salt to use (must be 16 bytes long). If none is given, compute salt
  45. from email as ``salt = SHA256(email)[:16]``.
  46. :return: The computed private key material (256b, 32 octets).
  47. """
  48. if not salt:
  49. m = hashlib.sha256()
  50. m.update(email.encode('utf8'))
  51. salt = m.digest()[:16]
  52. assert len(salt) == 16
  53. pkm = argon2.low_level.hash_secret_raw(
  54. secret=password.encode('utf8'),
  55. salt=salt,
  56. time_cost=4096,
  57. memory_cost=512,
  58. parallelism=1,
  59. hash_len=32,
  60. type=argon2.low_level.Type.ID,
  61. version=19,
  62. )
  63. return pkm
  64. def expand_argon2_secret(pkm: bytes, context: bytes, salt: Optional[bytes] = None) -> bytes:
  65. """
  66. Expand ``pkm`` and ``context`` into a key of length ``bytes`` using
  67. HKDF's expand function based on HMAC SHA-512). See the HKDF draft RFC and paper for usage notes.
  68. :param pkm:
  69. :param context:
  70. :param salt:
  71. :return:
  72. """
  73. kdf = hkdf.Hkdf(salt=salt, input_key_material=pkm, hash=hashlib.sha512)
  74. key = kdf.expand(info=context, length=32)
  75. return key
  76. def pkm_from_argon2_secret(email: str, password: str, context: str, salt: Optional[bytes] = None) -> bytes:
  77. """
  78. :param email:
  79. :param password:
  80. :param context:
  81. :param salt:
  82. :return:
  83. """
  84. if not salt:
  85. m = hashlib.sha256()
  86. m.update(email.encode('utf8'))
  87. salt = m.digest()[:16]
  88. assert len(salt) == 16
  89. context = context.encode('utf8')
  90. pkm = stretch_argon2_secret(email=email, password=password, salt=salt)
  91. key = expand_argon2_secret(pkm=pkm, context=context, salt=salt)
  92. return key