def session_key(h_up, nonce): # The hash itself is a bit too short to be a session key. # HMAC wants a 64-byte key. We don't want to use h_up # directly because it would never change over time. Instead # use the hash plus part of h_up. return (sha1(("%s:%s" % (h_up, nonce)).encode('latin-1')).digest() + h_up.encode('utf-8')[:44])
def _get_nonce(self): # RFC 2069 recommends a nonce of the form # H(client-IP ":" time-stamp ":" private-key) dig = sha1() dig.update(str(self.connection.addr).encode('latin-1')) dig.update(self._get_time()) dig.update(self.noncekey) return dig.hexdigest()
def auth(self, username, password): try: dbpw = self.database.get_password(username) except LookupError: return 0 password_dig = sha1(password).hexdigest() if dbpw == password_dig: self.connection.setSessionKey( session_key(username, self.database.realm, password)) return self._finish_auth(dbpw == password_dig)
def auth(self, username, password): try: dbpw = self.database.get_password(username) except LookupError: return 0 password_dig = sha1(password).hexdigest() if dbpw == password_dig: self.connection.setSessionKey(session_key(username, self.database.realm, password)) return self._finish_auth(dbpw == password_dig)
def hash(self, s): return sha1(s.encode()).hexdigest()
def hash(self, s): return sha1(s).hexdigest()
def hexdigest(s): return sha1(s.encode()).hexdigest()
def session_key(username, realm, password): return sha1("%s:%s:%s" % (username, realm, password)).hexdigest()
def session_key(username, realm, password): key = "%s:%s:%s" % (username, realm, password) return sha1(key.encode('utf-8')).hexdigest().encode('ascii')
def hexdigest(s): return sha1(s).hexdigest()