Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

HMAC verify failure #850

Open
j67935493 opened this issue Dec 19, 2024 · 0 comments
Open

HMAC verify failure #850

j67935493 opened this issue Dec 19, 2024 · 0 comments

Comments

@j67935493
Copy link

I'm working on MAC verification of SQLCipher databases and cannot get consistent verification of multiple database's HMACs. For example, MAC verification will fail on a database and then ten minutes later, with no changes, MAC verification will succeed. The output below is from the same script, running in two different PowerShell windows, trying to verify MACs on the same database. One window passes MAC verification, the other fails. The output, and output type, from both windows are identical. MAC verification fails, and then sometimes doesn't, for over a dozen databases we have tested with, that otherwise work properly in DBrowser for SQLCipher and our other code.

I spent about 3 days and had two colleagues review and test and we've come to the conclusion that the issue is with pycryptodome's HMAC implementation. We rewrote the code to use python's native HMAC "import HMAC" and have no issues. All MAC verification unit tests for multiple databases succeed as expected using python's native HMAC library with hmac.compare_digest(), so that further reinforces our theory that there's some underlying issue with pycrypdome's HMAC implementation.

python 3.12, pycryptodome 3.21.0

## Relevant portion of the code ##
from Crypto.Hash import SHA1, SHA256, SHA512, HMAC
import struct

hmac_type = SHA512 #SHA256 #SHA1
hmac_size = hmac_type.digest_size
hmac_key = #valid derived key, code cut here for brevity
pageno = 1

mac = HMAC.new(hmac_key, digestmod=hmac_type) 
mac.update(page[:-.hmac_size])
mac.update(struct.pack("<I", pageno))

try:
    print(mac.digest())
    print(mac.hexdigest())
    m = page[-hmac_size:]
    print("type(m)", type(m), "len(m)", len(m))
    print(m)
    print(m.hex())
    mac.verify(m) #raises ValueError if MAC verification fails
except ValueError as e:
    error = "Error!" + str(e)
    return False
 
## Output from PowerShell Window #1 that passes the mac.verify(m) check ##
b'c\xfb\x19\xd4\x94\x19r\x91\r\xaa[4A\xfa\xdf\xbfj.\x14\xa5\x8aRal\xf6\xdbaBH\x85ee\xdf\xe7g\x0c\x1b~\xc2\xe8\x1e\x92\xc9\xff\x8e~D\x81\x14\x1b\xbd\xbc\x97p\x00$\xd0\xd2\x18m\xb5\xf9\xb9\xd0'
63fb19d4941972910daa5b3441fadfbf6a2e14a58a52616cf6db614248856565dfe7670c1b7ec2e81e92c9ff8e7e4481141bbdbc97700024d0d2186db5f9b9d0
type(m) <class 'bytes'> len(m) 64
b'c\xfb\x19\xd4\x94\x19r\x91\r\xaa[4A\xfa\xdf\xbfj.\x14\xa5\x8aRal\xf6\xdbaBH\x85ee\xdf\xe7g\x0c\x1b~\xc2\xe8\x1e\x92\xc9\xff\x8e~D\x81\x14\x1b\xbd\xbc\x97p\x00$\xd0\xd2\x18m\xb5\xf9\xb9\xd0'
63fb19d4941972910daa5b3441fadfbf6a2e14a58a52616cf6db614248856565dfe7670c1b7ec2e81e92c9ff8e7e4481141bbdbc97700024d0d2186db5f9b9d0
 
## Output from PowerShell Window #2 that fails the mac.verify(m) check##
b'c\xfb\x19\xd4\x94\x19r\x91\r\xaa[4A\xfa\xdf\xbfj.\x14\xa5\x8aRal\xf6\xdbaBH\x85ee\xdf\xe7g\x0c\x1b~\xc2\xe8\x1e\x92\xc9\xff\x8e~D\x81\x14\x1b\xbd\xbc\x97p\x00$\xd0\xd2\x18m\xb5\xf9\xb9\xd0'
63fb19d4941972910daa5b3441fadfbf6a2e14a58a52616cf6db614248856565dfe7670c1b7ec2e81e92c9ff8e7e4481141bbdbc97700024d0d2186db5f9b9d0
type(m) <class 'bytes'> len(m) 64
b'c\xfb\x19\xd4\x94\x19r\x91\r\xaa[4A\xfa\xdf\xbfj.\x14\xa5\x8aRal\xf6\xdbaBH\x85ee\xdf\xe7g\x0c\x1b~\xc2\xe8\x1e\x92\xc9\xff\x8e~D\x81\x14\x1b\xbd\xbc\x97p\x00$\xd0\xd2\x18m\xb5\xf9\xb9\xd0'
63fb19d4941972910daa5b3441fadfbf6a2e14a58a52616cf6db614248856565dfe7670c1b7ec2e81e92c9ff8e7e4481141bbdbc97700024d0d2186db5f9b9d0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant