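def get_dh_key(pubkey, session_type, secret_b64, gen=None, mod=None):
    """Mask a base64 secret with a Diffie-Hellman derived key.

    A fresh DH private value is drawn on every call. The DH shared value is
    serialised with btwoc(), hashed, and XORed with the decoded secret.

    Args:
        pubkey: the public key of the other side (an integer).
        session_type: 'DH-SHA1' selects SHA-1; any other value selects
            SHA-256.
        secret_b64: the secret to protect, base64 encoded.
        gen: generator; defaults to _DEFAULT_GEN (documented as 2).
        mod: modulus; defaults to _DEFAULT_MOD (documented as the default
            OpenID prime).

    Returns:
        A tuple ``(base64(secret xor H(btwoc(shared))),
        base64(btwoc(dh_public)))``.

    Raises:
        ValueError: if pubkey is not strictly between 1 and mod - 1.
    """
    # NOTE(review): if gen/mod can come from the peer they are used here
    # without validation -- confirm callers restrict them to vetted groups.
    if mod is None:
        mod = _DEFAULT_MOD
    if gen is None:
        gen = _DEFAULT_GEN

    # Reject degenerate peer values before doing any key work: 0, 1 and
    # mod - 1 (and anything out of range) confine the shared value to a tiny
    # known set whatever dh_private is, so the mask below would hide nothing.
    if not 1 < pubkey < mod - 1:
        raise ValueError("DH public key out of range")

    # Ephemeral key pair for this exchange.
    # NOTE(review): `urandom` is defined elsewhere in the file; presumably a
    # random.SystemRandom() instance -- confirm it is not the default PRNG.
    dh_private = urandom.randrange(1, mod - 1)
    dh_public = pow(gen, dh_private, mod)
    shared_bytes = btwoc(pow(pubkey, dh_private, mod))

    # NOTE(review): every value other than 'DH-SHA1' selects SHA-256,
    # including misspelled or unsupported session types -- confirm callers
    # validate session_type before reaching this point.
    hash_fn = hashlib.sha1 if session_type == 'DH-SHA1' else hashlib.sha256
    mask = hash_fn(shared_bytes).digest()

    # NOTE(review): xor() is defined elsewhere; confirm it rejects operands
    # of different length so a secret that does not match the digest size is
    # not silently truncated.
    mac_key = xor(b64decode(secret_b64), mask)
    return b64encode(mac_key), b64encode(btwoc(dh_public))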
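def _create_token(self, user):
    """Return a fresh random token as 40 hexadecimal digits.

    32 bytes are read from the operating system's CSPRNG and condensed with
    SHA-1, which keeps the token at the 40-digit width of a SHA-1 hex
    digest. The token's unpredictability comes from the random seed, not
    from the hash.

    Args:
        user: not used by this method.

    Returns:
        The binascii.hexlify() output of the SHA-1 digest of the seed.
    """
    # Local import so the block does not depend on the file's import list.
    import os

    # os.urandom returns a byte string covering the full 0-255 range, which
    # hashlib accepts on both Python 2 and Python 3. randrange(0, 255) can
    # never yield 0xFF, and a text seed is rejected by hashlib on Python 3.
    seed = os.urandom(32)
    return binascii.hexlify(hashlib.sha1(seed).digest())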