Browse Source

use `cryptography` library for pbkdf2 function

The MMGen Project 10 months ago
parent
commit
b001c1a792
3 changed files with 9 additions and 9 deletions
  1. 1 1
      .github/workflows/pylint.yaml
  2. 0 1
      alt-requirements.txt
  3. 8 7
      mmgen/altcoin/util.py

+ 1 - 1
.github/workflows/pylint.yaml

@@ -29,7 +29,7 @@ jobs:
       run: |
         python3 -m pip install gmpy2 cryptography pynacl ecdsa aiohttp requests pexpect scrypt semantic-version
         python3 -m pip install pycryptodomex pysocks pycoin ipaddress varint pylint
-        python3 -m pip install --no-deps py_ecc==1.6.0 mypy_extensions==0.4.1 monero pbkdf2
+        python3 -m pip install --no-deps py_ecc==1.6.0 mypy_extensions==0.4.1 monero
 
     - name: Check the code with Pylint static code analyzer
       env:

+ 0 - 1
alt-requirements.txt

@@ -1,2 +1 @@
 pycryptodomex
-pbkdf2

+ 8 - 7
mmgen/altcoin/util.py

@@ -48,13 +48,14 @@ def decrypt_keystore(data,passwd,mac_algo=None,mac_params={}):
 	elif kdf == 'pbkdf2':
 		if (prf := parms.get('prf')) != 'hmac-sha256':
 			die(1, f"unsupported hash function {prf!r} (must be 'hmac-sha256')")
-		from pbkdf2 import PBKDF2
-		hashed_pw = PBKDF2(
-			passphrase   = passwd,
-			salt         = bytes.fromhex(parms['salt']),
-			iterations   = parms['c'],
-			digestmodule = 'sha256',
-		).read(parms['dklen'])
+		from cryptography.hazmat.primitives import hashes
+		from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
+		hashed_pw = PBKDF2HMAC(
+			algorithm  = hashes.SHA256(),
+			length     = parms['dklen'],
+			salt       = bytes.fromhex(parms['salt']),
+			iterations = parms['c']
+		).derive(passwd)
 		# see:
 		#   https://github.com/xchainjs/xchainjs-lib.git
 		#   https://github.com/xchainjs/foundry-primitives-js.git