# @file hashlib_pki.py (2023-03-16T14:29Z)
# @author David Ireland <www.di-mgt.com.au/contact>
# @copyright 2023 DI Management Services Pty Ltd
# @license Apache-2.0

"""SHA-256 functions using cryptosyspki."""

# All values passed are hex-encoded

import cryptosyspki as pki
"""Available from
https://www.cryptosys.net/pki/
and https://www.cryptosys.net/pki/python.html
"""

def SHA256(hexval):
    return pki.Hash.hex_from_hex(hexval, pki.Hash.Alg.SHA256)

def HMAC_SHA256(keyhex, msghex):
    return pki.Hmac.hex_from_hex(msghex, keyhex, pki.Hmac.Alg.SHA256)

def MGF1_SHA256(msghex, mlen):
    return pki.Cnv.tohex(pki.Xof.bytes(mlen, pki.Cnv.fromhex(msghex),
        pki.Xof.Alg.MGF1_SHA256)).lower()

if __name__ == '__main__':
    # Basic SHA256 with hex-encoded input
    h = SHA256('616263')  # 'abc' in hex
    print(h)
    # ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
    assert(h == "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad")
    h = SHA256('')  # hash of empty string
    print(h)
    # e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
    assert(h == "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")

    # HMAC with hex-encoded input RFC 4231
    h = HMAC_SHA256("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", "4869205468657265")
    print(h)
    # b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7
    assert(h == "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7")

    # MGF1_SHA256
    h = MGF1_SHA256('3b5c056af3ebba70d4c805380420585562b32410a778f558ff951252407647e3', 34)
    print(h)
    # 5b7eb772aecf04c74af07d9d9c1c1f8d3a90dcda00d5bab1dc28daecdc86eb87611e
    assert(h == "5b7eb772aecf04c74af07d9d9c1c1f8d3a90dcda00d5bab1dc28daecdc86eb87611e")

    h = MGF1_SHA256('', 16)
    print(h)
    # df3f619804a92fdb4057192dc43dd748
    assert(h == "df3f619804a92fdb4057192dc43dd748")