hashutil: convenience methods for tagged and encoded hashes

In various cases, including Merkle Trees, it is useful to tag and encode the inputs to your secure hashes to prevent security flaws due to ambiguous meanings of hash values.

diff --git a/src/allmydata/util/hashutil.py b/src/allmydata/util/hashutil.py
new file mode 100644 (file)
index 0000000..ccadccf
--- /dev/null
+++ b/src/allmydata/util/hashutil.py
@@ -0,0 +1,18 @@
+from allmydata.Crypto.Hash import SHA256
+
+def netstring(s):
+    return "%d:%s," % (len(s), s,)
+
+def tagged_hash(tag, val):
+    s = SHA256.new()
+    s.update(netstring(tag))
+    s.update(val)
+    return s.digest()
+            
+def tagged_pair_hash(tag, val1, val2):
+    s = SHA256.new()
+    s.update(netstring(tag))
+    s.update(netstring(val1))
+    s.update(netstring(val2))
+    return s.digest()
+