Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Ticket #2133: beaker-hmac2.4.patch

File beaker-hmac2.4.patch, 2.8 KB (added by toshio, 3 years ago)

version checking to ensure compatibility of sha and hmac imports

  • Beaker-1.3.1/beaker/crypto/pbkdf2.py 

    diff -up Beaker-1.3.1/beaker/crypto/pbkdf2.py.hmac Beaker-1.3.1/beaker/crypto/pbkdf2.py
    old new try: 
    7979except ImportError: 
    8080    # PyCrypto not available.  Use the Python standard library. 
    8181    import hmac as HMAC 
    82     try: 
    83         from hashlib import sha1 as SHA1 
    84     except ImportError: 
     82    import sys 
     83    # When using the stdlib, we have to make sure the hmac version and sha 
     84    # version are compatible 
     85    if sys.version_info[0:2] <= (2,4): 
     86        # hmac in python2.4 or less require the sha module 
     87        import sha as SHA1 
     88    else: 
    8589        # NOTE: We have to use the callable with hashlib (hashlib.sha1), 
    8690        # otherwise hmac only accepts the sha module object itself 
    87         import sha as SHA1 
     91        from hashlib import sha1 as SHA1 
    8892 
    8993def strxor(a, b): 
    9094    return "".join([chr(ord(x) ^ ord(y)) for (x, y) in zip(a, b)]) 

  • Beaker-1.3.1/beaker/session.py 

    diff -up Beaker-1.3.1/beaker/session.py.hmac Beaker-1.3.1/beaker/session.py
    old new import random 
    66import time 
    77from datetime import datetime, timedelta 
    88try: 
    9     from hashlib import md5, sha1 
     9    from hashlib import md5 
    1010except ImportError: 
    1111    from md5 import md5 
    12     # NOTE: We have to use the callable with hashlib (hashlib.sha1), 
    13     # otherwise hmac only accepts the sha module object itself 
    14     import sha as sha1 
     12try: 
     13    # Use PyCrypto (if available) 
     14    from Crypto.Hash import HMAC, SHA as SHA1 
     15 
     16except ImportError: 
     17    # PyCrypto not available.  Use the Python standard library. 
     18    import hmac as HMAC 
     19    import sys 
     20    # When using the stdlib, we have to make sure the hmac version and sha 
     21    # version are compatible 
     22    if sys.version_info[0:2] <= (2,4): 
     23        # hmac in python2.4 or less require the sha module 
     24        import sha as SHA1 
     25    else: 
     26        # NOTE: We have to use the callable with hashlib (hashlib.sha1), 
     27        # otherwise hmac only accepts the sha module object itself 
     28        from hashlib import sha1 as SHA1 
    1529 
    1630# Check for pycryptopp encryption for AES 
    1731try: 
    class SignedCookie(Cookie.BaseCookie): 
    3751     
    3852    def value_decode(self, val): 
    3953        val = val.strip('"') 
    40         sig = hmac.new(self.secret, val[40:], sha1).hexdigest() 
     54        sig = HMAC.new(self.secret, val[40:], SHA1).hexdigest() 
    4155        if sig != val[:40]: 
    4256            return None, val 
    4357        else: 
    4458            return val[40:], val 
    4559     
    4660    def value_encode(self, val): 
    47         sig = hmac.new(self.secret, val, sha1).hexdigest() 
     61        sig = HMAC.new(self.secret, val, SHA1).hexdigest() 
    4862        return str(val), ("%s%s" % (sig, val)) 
    4963 
    5064