Did I find the right examples for you? yes no

All Samples(8)  |  Call(8)  |  Derive(0)  |  Import(0)
Compares `hmac1' and `hmac2' after HMACing them again using `key'.

The arguments `hmac1' and `hmac2' are compared.  If they are equal, `True'
is returned and otherwise `False'.  To prevent timing attacks, double HMAC
verification is used meaning that the two arguments are HMACed again before
(variable-time) string comparison.  The idea is taken from:
https://www.isecpartners.com/blog/2011/february/double-hmac-verification.aspx

        def isValidHMAC( hmac1, hmac2, key ):
    """
    Compares `hmac1' and `hmac2' after HMACing them again using `key'.

    The arguments `hmac1' and `hmac2' are compared.  If they are equal, `True'
    is returned and otherwise `False'.  To prevent timing attacks, double HMAC
    verification is used meaning that the two arguments are HMACed again before
    (variable-time) string comparison.  The idea is taken from:
    https://www.isecpartners.com/blog/2011/february/double-hmac-verification.aspx
    """

    assert len(hmac1) == len(hmac2)

    # HMAC the arguments again to prevent timing attacks.
    doubleHmac1 = mycrypto.HMAC_SHA256_128(key, hmac1)
    doubleHmac2 = mycrypto.HMAC_SHA256_128(key, hmac2)

    if doubleHmac1 != doubleHmac2:
        return False

    log.debug("The computed HMAC is valid.")

    return True
        


src/o/b/obfsproxy-0.2.8/obfsproxy/transports/scramblesuit/scramblesuit.py   obfsproxy(Download)
                                          util.getEpoch())
 
        if not util.isValidHMAC(myHMAC, existingHMAC, self.recvHMAC):
            log.warning("The HMAC is invalid: `%s' vs. `%s'." %
                        (myHMAC.encode('hex'), existingHMAC.encode('hex')))

src/o/b/obfsproxy-0.2.8/obfsproxy/transports/scramblesuit/uniformdh.py   obfsproxy(Download)
                                          util.getEpoch())
 
        if not util.isValidHMAC(myHMAC, existingHMAC, self.sharedSecret):
            log.warning("The HMAC is invalid: `%s' vs. `%s'." %
                        (myHMAC.encode('hex'), existingHMAC.encode('hex')))

src/s/c/scramblesuit-HEAD/scramblesuit.py   scramblesuit(Download)
                                              const.MARK_LENGTH] + epoch)
 
            if util.isValidHMAC(myHMAC, existingHMAC, self.recvHMAC):
                authenticated = True
                break

src/s/c/scramblesuit-HEAD/uniformdh.py   scramblesuit(Download)
                                              handshake[0 : hmacStart] + epoch)
 
            if util.isValidHMAC(myHMAC, existingHMAC, self.sharedSecret):
                self.echoEpoch = epoch
                authenticated = True

src/o/b/obfsproxy-0.2.8/obfsproxy/transports/scramblesuit/ticket.py   obfsproxy(Download)
    # Verify the ticket's authenticity before decrypting.
    hmac = HMAC.new(srvState.hmacKey, ticket[0:80], digestmod=SHA256).digest()
    if util.isValidHMAC(hmac, ticket[80:const.TICKET_LENGTH],
                        srvState.hmacKey):
        aesKey = srvState.aesKey
        oldHmac = HMAC.new(srvState.oldHmacKey, ticket[0:80],
                           digestmod=SHA256).digest()
        if util.isValidHMAC(oldHmac, ticket[80:const.TICKET_LENGTH],
                            srvState.oldHmacKey):
            aesKey = srvState.oldAesKey

src/s/c/scramblesuit-HEAD/ticket.py   scramblesuit(Download)
    # Verify the ticket's authenticity before decrypting.
    hmac = HMAC.new(srvState.hmacKey, ticket[0:80], digestmod=SHA256).digest()
    if util.isValidHMAC(hmac, ticket[80:const.TICKET_LENGTH],
                        srvState.hmacKey):
        aesKey = srvState.aesKey
        oldHmac = HMAC.new(srvState.oldHmacKey, ticket[0:80],
                           digestmod=SHA256).digest()
        if util.isValidHMAC(oldHmac, ticket[80:const.TICKET_LENGTH],
                            srvState.oldHmacKey):
            aesKey = srvState.oldAesKey