gillmannma68984
/
demoweb
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
1 Branch
Tree: cd58e28389
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'cd58e28389'
${ noResults }
demoweb/venv/lib/python3.7/site-packages/twisted/cred/_digest.py

_digest.py 4.0KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132 
  1. # -*- test-case-name: twisted.cred.test.test_digestauth -*-

  2. # Copyright (c) Twisted Matrix Laboratories.

  3. # See LICENSE for details.

  4. 

  5. """

  6. Calculations for HTTP Digest authentication.

  7. 

  8. @see: U{http://www.faqs.org/rfcs/rfc2617.html}

  9. """

  10. 

  11. from __future__ import division, absolute_import

  12. 

  13. from binascii import hexlify

  14. from hashlib import md5, sha1

  15. 

  16. 

  17. 

  18. # The digest math

  19. 

  20. algorithms = {

  21.     b'md5': md5,

  22. 

  23.     # md5-sess is more complicated than just another algorithm.  It requires

  24.     # H(A1) state to be remembered from the first WWW-Authenticate challenge

  25.     # issued and re-used to process any Authorization header in response to

  26.     # that WWW-Authenticate challenge.  It is *not* correct to simply

  27.     # recalculate H(A1) each time an Authorization header is received.  Read

  28.     # RFC 2617, section 3.2.2.2 and do not try to make DigestCredentialFactory

  29.     # support this unless you completely understand it. -exarkun

  30.     b'md5-sess': md5,

  31. 

  32.     b'sha': sha1,

  33. }

  34. 

  35. # DigestCalcHA1

  36. def calcHA1(pszAlg, pszUserName, pszRealm, pszPassword, pszNonce, pszCNonce,

  37.             preHA1=None):

  38.     """

  39.     Compute H(A1) from RFC 2617.

  40. 

  41.     @param pszAlg: The name of the algorithm to use to calculate the digest.

  42.         Currently supported are md5, md5-sess, and sha.

  43.     @param pszUserName: The username

  44.     @param pszRealm: The realm

  45.     @param pszPassword: The password

  46.     @param pszNonce: The nonce

  47.     @param pszCNonce: The cnonce

  48. 

  49.     @param preHA1: If available this is a str containing a previously

  50.        calculated H(A1) as a hex string.  If this is given then the values for

  51.        pszUserName, pszRealm, and pszPassword must be L{None} and are ignored.

  52.     """

  53. 

  54.     if (preHA1 and (pszUserName or pszRealm or pszPassword)):

  55.         raise TypeError(("preHA1 is incompatible with the pszUserName, "

  56.                          "pszRealm, and pszPassword arguments"))

  57. 

  58.     if preHA1 is None:

  59.         # We need to calculate the HA1 from the username:realm:password

  60.         m = algorithms[pszAlg]()

  61.         m.update(pszUserName)

  62.         m.update(b":")

  63.         m.update(pszRealm)

  64.         m.update(b":")

  65.         m.update(pszPassword)

  66.         HA1 = hexlify(m.digest())

  67.     else:

  68.         # We were given a username:realm:password

  69.         HA1 = preHA1

  70. 

  71.     if pszAlg == b"md5-sess":

  72.         m = algorithms[pszAlg]()

  73.         m.update(HA1)

  74.         m.update(b":")

  75.         m.update(pszNonce)

  76.         m.update(b":")

  77.         m.update(pszCNonce)

  78.         HA1 = hexlify(m.digest())

  79. 

  80.     return HA1

  81. 

  82. 

  83. def calcHA2(algo, pszMethod, pszDigestUri, pszQop, pszHEntity):

  84.     """

  85.     Compute H(A2) from RFC 2617.

  86. 

  87.     @param pszAlg: The name of the algorithm to use to calculate the digest.

  88.         Currently supported are md5, md5-sess, and sha.

  89.     @param pszMethod: The request method.

  90.     @param pszDigestUri: The request URI.

  91.     @param pszQop: The Quality-of-Protection value.

  92.     @param pszHEntity: The hash of the entity body or L{None} if C{pszQop} is

  93.         not C{'auth-int'}.

  94.     @return: The hash of the A2 value for the calculation of the response

  95.         digest.

  96.     """

  97.     m = algorithms[algo]()

  98.     m.update(pszMethod)

  99.     m.update(b":")

  100.     m.update(pszDigestUri)

  101.     if pszQop == b"auth-int":

  102.         m.update(b":")

  103.         m.update(pszHEntity)

  104.     return hexlify(m.digest())

  105. 

  106. 

  107. def calcResponse(HA1, HA2, algo, pszNonce, pszNonceCount, pszCNonce, pszQop):

  108.     """

  109.     Compute the digest for the given parameters.

  110. 

  111.     @param HA1: The H(A1) value, as computed by L{calcHA1}.

  112.     @param HA2: The H(A2) value, as computed by L{calcHA2}.

  113.     @param pszNonce: The challenge nonce.

  114.     @param pszNonceCount: The (client) nonce count value for this response.

  115.     @param pszCNonce: The client nonce.

  116.     @param pszQop: The Quality-of-Protection value.

  117.     """

  118.     m = algorithms[algo]()

  119.     m.update(HA1)

  120.     m.update(b":")

  121.     m.update(pszNonce)

  122.     m.update(b":")

  123.     if pszNonceCount and pszCNonce:

  124.         m.update(pszNonceCount)

  125.         m.update(b":")

  126.         m.update(pszCNonce)

  127.         m.update(b":")

  128.         m.update(pszQop)

  129.         m.update(b":")

  130.     m.update(HA2)

  131.     respHash = hexlify(m.digest())

  132.     return respHash