Loading django/utils/crypto.py +6 −5 Original line number Diff line number Diff line Loading @@ -50,7 +50,7 @@ def salted_hmac(key_salt, value, secret=None): # line is redundant and could be replaced by key = key_salt + secret, since # the hmac module does the same thing for keys longer than the block size. # However, we need to ensure that we *always* do this. return hmac.new(key, msg=value, digestmod=hashlib.sha1) return hmac.new(key, msg=smart_bytes(value), digestmod=hashlib.sha1) def get_random_string(length=12, Loading Loading @@ -99,7 +99,7 @@ def _bin_to_long(x): This is a clever optimization for fast xor vector math """ return int(x.encode('hex'), 16) return int(binascii.hexlify(x), 16) def _long_to_bin(x, hex_format_string): Loading @@ -112,13 +112,14 @@ def _long_to_bin(x, hex_format_string): def _fast_hmac(key, msg, digest): """ A trimmed down version of Python's HMAC implementation A trimmed down version of Python's HMAC implementation. This function operates on bytes. """ dig1, dig2 = digest(), digest() key = smart_bytes(key) if len(key) > dig1.block_size: key = digest(key).digest() key += chr(0) * (dig1.block_size - len(key)) key += b'\x00' * (dig1.block_size - len(key)) dig1.update(key.translate(_trans_36)) dig1.update(msg) dig2.update(key.translate(_trans_5c)) Loading tests/regressiontests/utils/crypto.py +16 −12 Original line number Diff line number Diff line from __future__ import unicode_literals import binascii import math import timeit import hashlib Loading Loading @@ -111,7 +113,7 @@ class TestUtilsCryptoPBKDF2(unittest.TestCase): # Check leading zeros are not stripped (#17481) { "args": { "password": chr(186), "password": b'\xba', "salt": "salt", "iterations": 1, "dklen": 20, Loading @@ -124,12 +126,14 @@ class TestUtilsCryptoPBKDF2(unittest.TestCase): def test_public_vectors(self): for vector in self.rfc_vectors: result = pbkdf2(**vector['args']) self.assertEqual(result.encode('hex'), vector['result']) self.assertEqual(binascii.hexlify(result).decode('ascii'), vector['result']) def test_regression_vectors(self): for vector in self.regression_vectors: result = pbkdf2(**vector['args']) self.assertEqual(result.encode('hex'), vector['result']) self.assertEqual(binascii.hexlify(result).decode('ascii'), vector['result']) def test_performance_scalability(self): """ Loading Loading
django/utils/crypto.py +6 −5 Original line number Diff line number Diff line Loading @@ -50,7 +50,7 @@ def salted_hmac(key_salt, value, secret=None): # line is redundant and could be replaced by key = key_salt + secret, since # the hmac module does the same thing for keys longer than the block size. # However, we need to ensure that we *always* do this. return hmac.new(key, msg=value, digestmod=hashlib.sha1) return hmac.new(key, msg=smart_bytes(value), digestmod=hashlib.sha1) def get_random_string(length=12, Loading Loading @@ -99,7 +99,7 @@ def _bin_to_long(x): This is a clever optimization for fast xor vector math """ return int(x.encode('hex'), 16) return int(binascii.hexlify(x), 16) def _long_to_bin(x, hex_format_string): Loading @@ -112,13 +112,14 @@ def _long_to_bin(x, hex_format_string): def _fast_hmac(key, msg, digest): """ A trimmed down version of Python's HMAC implementation A trimmed down version of Python's HMAC implementation. This function operates on bytes. """ dig1, dig2 = digest(), digest() key = smart_bytes(key) if len(key) > dig1.block_size: key = digest(key).digest() key += chr(0) * (dig1.block_size - len(key)) key += b'\x00' * (dig1.block_size - len(key)) dig1.update(key.translate(_trans_36)) dig1.update(msg) dig2.update(key.translate(_trans_5c)) Loading
tests/regressiontests/utils/crypto.py +16 −12 Original line number Diff line number Diff line from __future__ import unicode_literals import binascii import math import timeit import hashlib Loading Loading @@ -111,7 +113,7 @@ class TestUtilsCryptoPBKDF2(unittest.TestCase): # Check leading zeros are not stripped (#17481) { "args": { "password": chr(186), "password": b'\xba', "salt": "salt", "iterations": 1, "dklen": 20, Loading @@ -124,12 +126,14 @@ class TestUtilsCryptoPBKDF2(unittest.TestCase): def test_public_vectors(self): for vector in self.rfc_vectors: result = pbkdf2(**vector['args']) self.assertEqual(result.encode('hex'), vector['result']) self.assertEqual(binascii.hexlify(result).decode('ascii'), vector['result']) def test_regression_vectors(self): for vector in self.regression_vectors: result = pbkdf2(**vector['args']) self.assertEqual(result.encode('hex'), vector['result']) self.assertEqual(binascii.hexlify(result).decode('ascii'), vector['result']) def test_performance_scalability(self): """ Loading
