Funktionierender Prototyp des Serious Games zur Vermittlung von Wissen zu Software-Engineering-Arbeitsmodellen.

_digest.py 4.0KB

  1. # -*- test-case-name: twisted.cred.test.test_digestauth -*-
  2. # Copyright (c) Twisted Matrix Laboratories.
  3. # See LICENSE for details.
  4. """
  5. Calculations for HTTP Digest authentication.
  6. @see: U{http://www.faqs.org/rfcs/rfc2617.html}
  7. """
  8. from binascii import hexlify
  9. from hashlib import md5, sha1
  10. # The digest math
  algorithms = {
      b"md5": md5,
      # md5-sess is not simply one more hash choice. H(A1) has to be kept from
      # the first WWW-Authenticate challenge that was issued and re-used for
      # every Authorization header sent in answer to that challenge;
      # recomputing H(A1) on each incoming Authorization header is *not*
      # correct. Read RFC 2617, section 3.2.2.2, and do not try to make
      # DigestCredentialFactory support this unless you completely understand
      # it. -exarkun
      b"md5-sess": md5,
      # NOTE(review): only MD5 and SHA-1 are offered here, and both are weak
      # by current standards. RFC 7616 defines SHA-256 based variants for
      # HTTP Digest; this table has no entry for them.
      b"sha": sha1,
  }
  23. # DigestCalcHA1
  def calcHA1(
      pszAlg, pszUserName, pszRealm, pszPassword, pszNonce, pszCNonce, preHA1=None
  ):
      """
      Compute H(A1) from RFC 2617.

      Every value is passed straight to the hash object's C{update}, so the
      arguments are expected to be bytes.

      The result (and any C{preHA1} passed in) takes the place of the password
      in the rest of the digest calculation, so a stored H(A1) should be
      protected like a credential.

      @param pszAlg: The name of the algorithm to use to calculate the digest.
          Currently supported are md5, md5-sess, and sha.
      @param pszUserName: The username
      @param pszRealm: The realm
      @param pszPassword: The password
      @param pszNonce: The nonce. Only read when C{pszAlg} is C{b"md5-sess"}.
      @param pszCNonce: The cnonce. Only read when C{pszAlg} is
          C{b"md5-sess"}.
      @param preHA1: If available this is a str containing a previously
          calculated H(A1) as a hex string. If this is given then the values
          for pszUserName, pszRealm, and pszPassword must be L{None} and are
          ignored. Any value other than L{None}, including an empty one, is
          used as H(A1) without being checked.

      @return: H(A1) as a hex string.

      @raise TypeError: If C{preHA1} is combined with a username, realm or
          password.
      @raise KeyError: If C{pszAlg} is not a key of C{algorithms}.
      """
      if preHA1 and (pszUserName or pszRealm or pszPassword):
          raise TypeError(
              "preHA1 is incompatible with the pszUserName, "
              "pszRealm, and pszPassword arguments"
          )

      if preHA1 is not None:
          # The caller supplied a precomputed H(A1); use it unchanged.
          ha1 = preHA1
      else:
          # Derive H(A1) from username:realm:password.
          hasher = algorithms[pszAlg]()
          for piece in (pszUserName, b":", pszRealm, b":", pszPassword):
              hasher.update(piece)
          ha1 = hexlify(hasher.digest())

      if pszAlg != b"md5-sess":
          return ha1

      # md5-sess: hash the base H(A1) once more together with both nonces.
      sessionHasher = algorithms[pszAlg]()
      for piece in (ha1, b":", pszNonce, b":", pszCNonce):
          sessionHasher.update(piece)
      return hexlify(sessionHasher.digest())
  def calcHA2(algo, pszMethod, pszDigestUri, pszQop, pszHEntity):
      """
      Compute H(A2) from RFC 2617.

      The hashed value is C{method:uri}, extended with C{:H(entity)} only when
      C{pszQop} equals C{b"auth-int"}. Every value is passed straight to the
      hash object's C{update}, so the arguments are expected to be bytes.

      @param algo: The name of the algorithm to use to calculate the digest.
          Currently supported are md5, md5-sess, and sha.
      @param pszMethod: The request method.
      @param pszDigestUri: The request URI.
      @param pszQop: The Quality-of-Protection value.
      @param pszHEntity: The hash of the entity body or L{None} if C{pszQop}
          is not C{'auth-int'}.

      @return: The hash of the A2 value for the calculation of the response
          digest.

      @raise KeyError: If C{algo} is not a key of C{algorithms}.
      """
      hasher = algorithms[algo]()
      pieces = [pszMethod, b":", pszDigestUri]
      if pszQop == b"auth-int":
          # Only auth-int binds the entity body hash into A2.
          pieces += [b":", pszHEntity]
      for piece in pieces:
          hasher.update(piece)
      return hexlify(hasher.digest())
  def calcResponse(HA1, HA2, algo, pszNonce, pszNonceCount, pszCNonce, pszQop):
      """
      Compute the digest for the given parameters.

      The hashed value is C{HA1:nonce:nc:cnonce:qop:HA2} when both
      C{pszNonceCount} and C{pszCNonce} are non-empty, and C{HA1:nonce:HA2}
      otherwise. C{pszQop} is only read in the first case.

      NOTE(review): a caller that checks this value against the one a client
      sent should use a constant-time comparison such as
      C{hmac.compare_digest}.

      @param HA1: The H(A1) value, as computed by L{calcHA1}.
      @param HA2: The H(A2) value, as computed by L{calcHA2}.
      @param algo: The name of the algorithm to use to calculate the digest;
          a key of C{algorithms}.
      @param pszNonce: The challenge nonce.
      @param pszNonceCount: The (client) nonce count value for this response.
      @param pszCNonce: The client nonce.
      @param pszQop: The Quality-of-Protection value.

      @return: The response digest as a hex string.

      @raise KeyError: If C{algo} is not a key of C{algorithms}.
      """
      hasher = algorithms[algo]()
      pieces = [HA1, b":", pszNonce, b":"]
      if pszNonceCount and pszCNonce:
          # The qop fields are included only when the client sent both a
          # nonce count and a client nonce.
          pieces.extend((pszNonceCount, b":", pszCNonce, b":", pszQop, b":"))
      pieces.append(HA2)
      for piece in pieces:
          hasher.update(piece)
      return hexlify(hasher.digest())
  111. return respHash