def test_verifyHTTPDigest(self):
expectations = (
(u"zehcnasw", True), # Correct
("wrong", False) # Incorrect
)
record = (yield
self.client.recordWithShortName(RecordType.user,
u"wsanchez"))
realm = "host.example.com"
nonce = "128446648710842461101646794502"
algorithm = "md5"
uri = "http://host.example.com"
method = "GET"
for password, answer in expectations:
for qop, nc, cnonce in (
("", "", ""),
("auth", "00000001",
"/rrD6TqPA3lHRmg+fw/vyU6oWoQgzK7h9yWrsCmv/lE="),
):
response = calcResponse(
calcHA1(algorithm, u"wsanchez", realm, password,
nonce, cnonce),
calcHA2(algorithm, method, uri, qop, None), algorithm,
nonce, nc, cnonce, qop)
authenticated = (yield record.verifyHTTPDigest(
u"wsanchez", realm, uri, nonce, cnonce, algorithm, nc, qop,
response, method))
self.assertEquals(authenticated, answer)
def test_verifyHTTPDigest(self):
expectations = (
(u"zehcnasw", True), # Correct
("wrong", False) # Incorrect
)
record = (
yield self.client.recordWithShortName(
RecordType.user,
u"wsanchez"
)
)
realm = "host.example.com"
nonce = "128446648710842461101646794502"
algorithm = "md5"
uri = "http://host.example.com"
method = "GET"
for password, answer in expectations:
for qop, nc, cnonce in (
("", "", ""),
("auth", "00000001", "/rrD6TqPA3lHRmg+fw/vyU6oWoQgzK7h9yWrsCmv/lE="),
):
response = calcResponse(
calcHA1(algorithm, u"wsanchez", realm, password, nonce, cnonce),
calcHA2(algorithm, method, uri, qop, None),
algorithm, nonce, nc, cnonce, qop)
authenticated = (
yield record.verifyHTTPDigest(
u"wsanchez", realm, uri, nonce, cnonce, algorithm, nc, qop,
response, method
)
)
self.assertEquals(authenticated, answer)
def test_MD5HashA2AuthInt(self, _algorithm='md5', _hash=md5):
"""
L{calcHA2} accepts the C{'md5'} algorithm and returns an MD5 hash of
its arguments, including the entity hash for QOP of C{'auth-int'}.
"""
method = 'GET'
hentity = 'foobarbaz'
hashA2 = calcHA2(_algorithm, method, self.uri, 'auth-int', hentity)
a2 = '%s:%s:%s' % (method, self.uri, hentity)
expected = _hash(a2).hexdigest()
self.assertEqual(hashA2, expected)
def test_MD5HashA2AuthInt(self, _algorithm='md5', _hash=md5):
"""
L{calcHA2} accepts the C{'md5'} algorithm and returns an MD5 hash of
its arguments, including the entity hash for QOP of C{'auth-int'}.
"""
method = 'GET'
hentity = 'foobarbaz'
hashA2 = calcHA2(_algorithm, method, self.uri, 'auth-int', hentity)
a2 = '%s:%s:%s' % (method, self.uri, hentity)
expected = _hash(a2).hexdigest()
self.assertEqual(hashA2, expected)
def test_MD5HashA2AuthInt(self, _algorithm=b'md5', _hash=md5):
"""
L{calcHA2} accepts the C{'md5'} algorithm and returns an MD5 hash of
its arguments, including the entity hash for QOP of C{'auth-int'}.
"""
method = b'GET'
hentity = b'foobarbaz'
hashA2 = calcHA2(_algorithm, method, self.uri, b'auth-int', hentity)
a2 = method + b':' + self.uri + b':' + hentity
expected = hexlify(_hash(a2).digest())
self.assertEqual(hashA2, expected)
def test_MD5HashA2Auth(self, _algorithm=b'md5', _hash=md5):
"""
L{calcHA2} accepts the C{'md5'} algorithm and returns an MD5 hash of
its arguments, excluding the entity hash for QOP other than
C{'auth-int'}.
"""
method = b'GET'
hashA2 = calcHA2(_algorithm, method, self.uri, b'auth', None)
a2 = method + b':' + self.uri
expected = hexlify(_hash(a2).digest())
self.assertEqual(hashA2, expected)
def test_MD5HashA2AuthInt(self, _algorithm=b'md5', _hash=md5):
"""
L{calcHA2} accepts the C{'md5'} algorithm and returns an MD5 hash of
its arguments, including the entity hash for QOP of C{'auth-int'}.
"""
method = b'GET'
hentity = b'foobarbaz'
hashA2 = calcHA2(_algorithm, method, self.uri, b'auth-int', hentity)
a2 = method + b':' + self.uri + b':' + hentity
expected = hexlify(_hash(a2).digest())
self.assertEqual(hashA2, expected)
def test_MD5HashA2Auth(self, _algorithm=b'md5', _hash=md5):
"""
L{calcHA2} accepts the C{'md5'} algorithm and returns an MD5 hash of
its arguments, excluding the entity hash for QOP other than
C{'auth-int'}.
"""
method = b'GET'
hashA2 = calcHA2(_algorithm, method, self.uri, b'auth', None)
a2 = method + b':' + self.uri
expected = hexlify(_hash(a2).digest())
self.assertEqual(hashA2, expected)
def getDigestResponse(self, challenge, ncount):
"""
Calculate the response for the given challenge
"""
nonce = challenge.get('nonce')
algo = challenge.get('algorithm').lower()
qop = challenge.get('qop')
ha1 = calcHA1(
algo, self.username, self.realm, self.password, nonce, self.cnonce)
ha2 = calcHA2(algo, "GET", self.uri, qop, None)
expected = calcResponse(ha1, ha2, algo, nonce, ncount, self.cnonce, qop)
return expected
def getDigestResponse(self, challenge, ncount):
"""
Calculate the response for the given challenge
"""
nonce = challenge.get('nonce')
algo = challenge.get('algorithm').lower()
qop = challenge.get('qop')
ha1 = calcHA1(
algo, self.username, self.realm, self.password, nonce, self.cnonce)
ha2 = calcHA2(algo, "GET", self.uri, qop, None)
expected = calcResponse(ha1, ha2, algo, nonce, ncount, self.cnonce, qop)
return expected