def sign(self, pairs): """ Generate a signature for a sequence of (key, value) pairs @param pairs: The pairs to sign, in order @type pairs: Iterable[six.text_type, six.text_type], six.binary_type is deprecated @return: The binary signature of this sequence of pairs @rtype: six.binary_type """ warning_msg = "Binary values for pairs are deprecated. Use text input instead." pairs = [(string_to_text(a, warning_msg), string_to_text(b, warning_msg)) for a, b in pairs] kv = kvform.seqToKV(pairs) try: algorithm = self.hmac_algorithms[self.assoc_type] except KeyError: raise ValueError('Unknown association type: %r' % (self.assoc_type, )) hmac = HMAC(self.secret, algorithm, backend=default_backend()) hmac.update(kv.encode('utf-8')) return hmac.finalize()
def serialize(self): """ Convert an association to KV form. @return: String in KV form suitable for deserialization by deserialize. @rtype: str """ data = { "version": "2", "handle": self.handle, "secret": oidutil.toBase64(self.secret), "issued": str(int(self.issued)), "lifetime": str(int(self.lifetime)), "assoc_type": self.assoc_type, } assert len(data) == len(self.assoc_keys) pairs = [] for field_name in self.assoc_keys: pairs.append((field_name, data[field_name])) return kvform.seqToKV(pairs, strict=True)
def serialize(self): """ Convert an association to KV form. @return: String in KV form suitable for deserialization by deserialize. @rtype: str """ data = { 'version': '2', 'handle': self.handle, 'secret': oidutil.toBase64(self.secret), 'issued': str(int(self.issued)), 'lifetime': str(int(self.lifetime)), 'assoc_type': self.assoc_type } assert len(data) == len(self.assoc_keys) pairs = [] for field_name in self.assoc_keys: pairs.append((field_name, data[field_name])) return kvform.seqToKV(pairs, strict=True)
def is_valid_openid_response(self): data = self.get_openid_response_data() if 'signed' not in data: return False if 'sig' not in data: return False if 'assoc_handle' not in data: return False associations = Association.objects.filter(handle=data['assoc_handle']) if not associations.exists(): return False signing_pairs = [] for field in data['signed'].split(','): if field not in data: return False else: signing_pairs.append((field, data[field])) association = associations.get() valid = base64.b64encode( association.sign(kvform.seqToKV( tuple(signing_pairs)))) == data['sig'] return valid and super(AssociationExtension, self).is_valid_openid_response()
def runTest(self): # seq serializes to expected kvform actual = kvform.seqToKV(self.seq) self.failUnlessEqual(self.kvform, actual) # Parse back to sequence. Expected to be unchanged, except # stripping whitespace from start and end of values # (i. e. ordering, case, and internal whitespace is preserved) seq = kvform.kvToSeq(actual) clean_seq = self.cleanSeq(seq) self.failUnlessEqual(seq, clean_seq)
def runTest(self): # seq serializes to expected kvform actual = kvform.seqToKV(self.seq) self.failUnlessEqual(self.kvform, actual) self.failUnless(type(actual) is str) # Parse back to sequence. Expected to be unchanged, except # stripping whitespace from start and end of values # (i. e. ordering, case, and internal whitespace is preserved) seq = kvform.kvToSeq(actual) clean_seq = self.cleanSeq(seq) self.failUnlessEqual(seq, clean_seq) self.checkWarnings(self.expected_warnings)
def runTest(self): for kv_data, result, expected_warnings in kvseq_cases: # seq serializes to expected kvform with LogCapture() as logbook: actual = kvform.seqToKV(kv_data) self.assertEqual(actual, result) self.assertIsInstance(actual, str) # Parse back to sequence. Expected to be unchanged, except # stripping whitespace from start and end of values # (i. e. ordering, case, and internal whitespace is preserved) seq = kvform.kvToSeq(actual) clean_seq = self.cleanSeq(seq) self.assertEqual(seq, clean_seq) self.assertEqual(len(logbook.records), expected_warnings, "Invalid warnings for {}: {}".format(kv_data, [r.getMessage() for r in logbook.records]))
def sign(self, pairs): """ Generate a signature for a sequence of (key, value) pairs @param pairs: The pairs to sign, in order @type pairs: sequence of (str, str) @return: The binary signature of this sequence of pairs @rtype: str """ assert self.assoc_type == 'HMAC-SHA1' kv = kvform.seqToKV(pairs) return cryptutil.hmacSha1(self.secret, kv)
def runTest(self): for kv_data, result, expected_warnings in kvseq_cases: # seq serializes to expected kvform with LogCapture() as logbook: actual = kvform.seqToKV(kv_data) self.assertEqual(actual, result) self.assertIsInstance(actual, six.text_type) # Parse back to sequence. Expected to be unchanged, except # stripping whitespace from start and end of values # (i. e. ordering, case, and internal whitespace is preserved) seq = kvform.kvToSeq(actual) clean_seq = self.cleanSeq(seq) self.assertEqual(seq, clean_seq) self.assertEqual(len(logbook.records), expected_warnings, "Invalid warnings for {}: {}".format(kv_data, [r.getMessage() for r in logbook.records]))
def runTest(self): # seq serializes to expected kvform actual = kvform.seqToKV(self.seq) if isinstance(self.kvform, str): kvform_bytes = bytes(self.kvform, encoding="utf-8") else: kvform_bytes = self.kvform self.assertEqual(kvform_bytes, actual) self.assertTrue(isinstance(actual, bytes)) # Parse back to sequence. Expected to be unchanged, except # stripping whitespace from start and end of values # (i. e. ordering, case, and internal whitespace is preserved) seq = kvform.kvToSeq(actual) clean_seq = self.cleanSeq(seq) self.assertEqual(seq, clean_seq) self.checkWarnings(self.expected_warnings)
def sign(self, pairs): """ Generate a signature for a sequence of (key, value) pairs @param pairs: The pairs to sign, in order @type pairs: sequence of (str, str) @return: The binary signature of this sequence of pairs @rtype: bytes """ kv = kvform.seqToKV(pairs) try: mac = self._macs[self.assoc_type] except KeyError: raise ValueError( 'Unknown association type: %r' % (self.assoc_type,)) return mac(self.secret, kv)
def sign(self, pairs): """ Generate a signature for a sequence of (key, value) pairs @param pairs: The pairs to sign, in order @type pairs: sequence of (str, str) @return: The binary signature of this sequence of pairs @rtype: bytes """ kv = kvform.seqToKV(pairs) try: mac = self._macs[self.assoc_type] except KeyError: raise ValueError("Unknown association type: %r" % (self.assoc_type, )) return mac(self.secret, kv)
def is_valid_openid_response(self): data = self.get_openid_response_data() if 'signed' not in data: return False if 'sig' not in data: return False if 'assoc_handle' not in data: return False associations = Association.objects.filter(handle=data['assoc_handle']) if not associations.exists(): return False signing_pairs = [] for field in data['signed'].split(','): if field not in data: return False else: signing_pairs.append((field, data[field])) association = associations.get() valid = base64.b64encode(association.sign(kvform.seqToKV(tuple(signing_pairs)))) == data['sig'] return valid and super(AssociationExtension, self).is_valid_openid_response()
def sign(self, pairs): """ Generate a signature for a sequence of (key, value) pairs @param pairs: The pairs to sign, in order @type pairs: Iterable[six.text_type, six.text_type], six.binary_type is deprecated @return: The binary signature of this sequence of pairs @rtype: six.binary_type """ warning_msg = "Binary values for pairs are deprecated. Use text input instead." pairs = [(string_to_text(a, warning_msg), string_to_text(b, warning_msg)) for a, b in pairs] kv = kvform.seqToKV(pairs) try: algorithm = self.hmac_algorithms[self.assoc_type] except KeyError: raise ValueError( 'Unknown association type: %r' % (self.assoc_type,)) hmac = HMAC(self.secret, algorithm, backend=default_backend()) hmac.update(kv.encode('utf-8')) return hmac.finalize()
def test_convert(self): result = kvform.seqToKV([(1,1)]) self.failUnlessEqual(result, '1:1\n') self.checkWarnings(2)
def test_convert(self): with LogCapture() as logbook: result = kvform.seqToKV([(1, 1)]) self.assertEqual(result, '1:1\n') self.assertEqual(len(logbook.records), 2)
def test_convert(self): result = kvform.seqToKV([(1, 1)]) self.failUnlessEqual(result, '1:1\n') self.checkWarnings(2)
def test_convert(self): result = kvform.seqToKV([(1, 1)]) self.assertEqual(result, b'1:1\n') self.checkWarnings(2)