python HMAC中的填充不对吗？

Question

At the top of hmac.py are the lines:

trans_5C = "".join ([chr (x ^ 0x5C) for x in xrange(256)])
trans_36 = "".join ([chr (x ^ 0x36) for x in xrange(256)])

But the HMAC RFC (and every other source I could find) states that the inner and outer padding should be the bytes 0x5C and 0x36 repeated, not XORed with a range of numbers. That is, I expect to see:

trans_5C = chr(0x5C) * 256
trans_36 = chr(0x36) * 256

What am I missing?

Answer 1

It's not incorrect. The code applies an optimization that is non-oblivious.

The code:

trans_5C = "".join ([chr (x ^ 0x5C) for x in xrange(256)])
trans_36 = "".join ([chr (x ^ 0x36) for x in xrange(256)])

Actually computes translation strings that are latter use to perform the XOR operations for the inner and outer padding. The code latter in the HMAC class's __init__ does the XOR operations indirectly via the translate function and the precomputed strings:

    self.outer.update(key.translate(trans_5C))
    self.inner.update(key.translate(trans_36))

Lets then look at what key.translate(trans_5C) does:

str.translate(table[, deletechars])

Return a copy of the string where all characters occurring in the optional argument deletechars are removed, and the remaining characters have been mapped through the given translation table, which must be a string of length 256.

It can be shown that key.translate(trans_5C) is an optimized version of:

''.join(chr(ord(k) ^ 0x5C) for k in key)

Thereby:

>>> trans_5C = "".join ([chr (x ^ 0x5C) for x in xrange(256)])
>>> key = '0123456789'
>>> key.translate(trans_5C)
'lmnohijkde'
>>> ''.join(chr(ord(k) ^ 0x5C) for k in key)
'lmnohijkde'

The value of those two expressions is the same. The same holds if 0x5C is replaced with 0x36 .