def parameters(self):
"""Return base64 encoded modulus and generator.
@return: Tuple with modulus and generator
@rtype: Tuple[six.text_type, six.text_type]
"""
modulus = self.parameter_numbers.p
generator = self.parameter_numbers.g
return cryptutil.longToBase64(modulus), cryptutil.longToBase64(generator)
def parameters(self):
"""Return base64 encoded modulus and generator.
@return: Tuple with modulus and generator
@rtype: Tuple[six.text_type, six.text_type]
"""
modulus = self.parameter_numbers.p
generator = self.parameter_numbers.g
return cryptutil.longToBase64(modulus), cryptutil.longToBase64(
generator)
def getRequest(self):
cpub = cryptutil.longToBase64(self.dh.public)
args = {'openid.dh_consumer_public': cpub}
if not self.dh.usingDefaultValues():
args.update({
'openid.dh_modulus': cryptutil.longToBase64(self.dh.modulus),
'openid.dh_gen': cryptutil.longToBase64(self.dh.generator),
})
return args
def public_key(self):
"""Return base64 encoded public key.
@rtype: six.text_type
"""
return cryptutil.longToBase64(
self.private_key.public_key().public_numbers().y)
def test_longToBase64(self):
f = open(os.path.join(os.path.dirname(__file__), 'n2b64'))
try:
for line in f:
parts = line.strip().split(' ')
assert parts[0] == cryptutil.longToBase64(int(parts[1]))
finally:
f.close()
def test_longToBase64():
f = file(os.path.join(os.path.dirname(__file__), 'n2b64'))
try:
for line in f:
parts = line.strip().split(' ')
assert parts[0] == cryptutil.longToBase64(long(parts[1]))
finally:
f.close()
def test_associateDHModGen(self):
# test dh with non-default but valid values for dh_modulus and dh_gen
args = {
'openid.mode': 'associate',
'openid.session_type': 'DH-SHA1',
'openid.dh_consumer_public': "Rzup9265tw==",
'openid.dh_modulus': cryptutil.longToBase64(ALT_MODULUS),
'openid.dh_gen': cryptutil.longToBase64(ALT_GEN) ,
}
r = self.decode(args)
self.failUnless(isinstance(r, server.AssociateRequest))
self.failUnlessEqual(r.mode, "associate")
self.failUnlessEqual(r.session.session_type, "DH-SHA1")
self.failUnlessEqual(r.assoc_type, "HMAC-SHA1")
self.failUnlessEqual(r.session.dh.modulus, ALT_MODULUS)
self.failUnlessEqual(r.session.dh.generator, ALT_GEN)
self.failUnless(r.session.consumer_pubkey)
def xorSecret(self, composite, secret, hash_func):
warnings.warn("Method 'xorSecret' is deprecated, use 'xor_secret' instead.", DeprecationWarning)
dh_shared = self._get_shared_secret(cryptutil.longToBase64(composite))
# The DH secret must be `btwoc` compatible.
# See http://openid.net/specs/openid-authentication-2_0.html#rfc.section.8.2.3 for details.
dh_shared = cryptutil.fix_btwoc(dh_shared)
hashed_dh_shared = hash_func(dh_shared)
return strxor(secret, hashed_dh_shared)
def test_longToBase64():
f = open(os.path.join(os.path.dirname(__file__), 'n2b64'))
try:
for line in f:
parts = line.strip().split(' ')
p0 = bytes(parts[0], encoding="utf-8")
p1 = cryptutil.longToBase64(int(parts[1]))
assert p0 == p1, (p0, p1, parts)
finally:
f.close()
def test_exchange_server_static(self):
# Test key exchange - server part with static values
server_dh = DiffieHellman.fromDefaults()
self.setup_keys(server_dh, self.server_public_key,
self.server_private_key)
self.assertEqual(
server_dh.xorSecret(self.consumer_public_key, self.secret, sha256),
self.mac_key)
self.assertEqual(server_dh.public_key,
longToBase64(self.server_public_key))
def xorSecret(self, composite, secret, hash_func):
warnings.warn(
"Method 'xorSecret' is deprecated, use 'xor_secret' instead.",
DeprecationWarning)
dh_shared = self._get_shared_secret(cryptutil.longToBase64(composite))
# The DH secret must be `btwoc` compatible.
# See http://openid.net/specs/openid-authentication-2_0.html#rfc.section.8.2.3 for details.
dh_shared = cryptutil.fix_btwoc(dh_shared)
hashed_dh_shared = hash_func(dh_shared)
return strxor(secret, hashed_dh_shared)
def public_key(self):
"""Return base64 encoded public key.
@rtype: six.text_type
"""
return cryptutil.longToBase64(self.private_key.public_key().public_numbers().y)
def answer(self, secret):
mac_key = self.dh.xorSecret(self.consumer_pubkey, secret)
return {
'dh_server_public': cryptutil.longToBase64(self.dh.public),
'enc_mac_key': oidutil.toBase64(mac_key),
}
def answer(self, secret):
mac_key = self.dh.xorSecret(self.consumer_pubkey, secret)
return {
'dh_server_public': cryptutil.longToBase64(self.dh.public),
'enc_mac_key': oidutil.toBase64(mac_key),
}
def test_public_key(self):
dh = DiffieHellman.fromDefaults()
self.setup_keys(dh, self.server_public_key, self.server_private_key)
self.assertEqual(dh.public_key, longToBase64(self.server_public_key))
