From f0f3da7b52ffa2432bec812e37fbba27c18c12e0 Mon Sep 17 00:00:00 2001
From: David Poole
Date: Sun, 19 Nov 2017 08:42:09 -0700
Subject: [PATCH] add SHA-512 authentication
---
 httpbin/core.py | 2 +-
 httpbin/helpers.py | 4 +++-
 test_httpbin.py | 10 ++++++----
 3 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/httpbin/core.py b/httpbin/core.py
index 6ec8990..035d1c2 100644
--- a/httpbin/core.py
+++ b/httpbin/core.py
@@ -469,7 +469,7 @@ def digest_auth(qop=None, user='user', passwd='passwd', algorithm='MD5', stale_a
 """Prompts the user for authorization using HTTP Digest auth"""
 require_cookie_handling = (request.args.get('require-cookie', '').lower() in ('1', 't', 'true'))
- if algorithm not in ('MD5', 'SHA-256'):
+ if algorithm not in ('MD5', 'SHA-256', 'SHA-512'):
 algorithm = 'MD5'
 if qop not in ('auth', 'auth-int'):
diff --git a/httpbin/helpers.py b/httpbin/helpers.py
index 8836323..1983c06 100644
--- a/httpbin/helpers.py
+++ b/httpbin/helpers.py
@@ -12,7 +12,7 @@ import base64
 import re
 import time
 import os
-from hashlib import md5, sha256
+from hashlib import md5, sha256, sha512
 from werkzeug.http import parse_authorization_header
 from werkzeug.datastructures import WWWAuthenticate
@@ -270,6 +270,8 @@ def check_basic_auth(user, passwd):
 def H(data, algorithm):
 if algorithm == 'SHA-256':
 return sha256(data).hexdigest()
+ elif algorithm == 'SHA-512':
+ return sha512(data).hexdigest()
 else:
 return md5(data).hexdigest()
diff --git a/test_httpbin.py b/test_httpbin.py
index a3ad77c..5a0e555 100755
--- a/test_httpbin.py
+++ b/test_httpbin.py
@@ -7,7 +7,7 @@ import contextlib
 import six
 import json
 from werkzeug.http import parse_dict_header
-from hashlib import md5, sha256
+from hashlib import md5, sha256, sha512
 from six import BytesIO
 import httpbin
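Review bot: In `digest_auth` (httpbin/core.py) the added `'SHA-512'` entry is not an algorithm token that RFC 7616 defines; the RFC lists `MD5`, `SHA-256` and `SHA-512-256` (plus their `-sess` variants), so a strictly conforming client may not answer a challenge that advertises it. If the untruncated SHA-512 digest is deliberate, record that above the check, for example `# 'SHA-512' is a non-standard token (RFC 7616 defines SHA-512-256); accepted for clients that implement it`. The unchanged line after the check still rewrites any value outside the tuple to `'MD5'` without signalling it, so a misspelt algorithm name ends up on the weakest option; a short comment there would make that downgrade visible to readers. The body of `digest_auth` continues outside the hunk.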
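Review bot: `H` in httpbin/helpers.py still ends in a bare `else` that hashes with MD5, so any algorithm string the chain does not name is silently downgraded instead of being rejected, and the same chain is copied into `_hash` in test_httpbin.py. With this commit the accepted names are maintained by hand in three places (the tuple in `digest_auth`, this `if`/`elif` chain, and the test helper), and a name added to one but not the others would fall through to MD5 unnoticed. A single table makes the fallback explicit and keeps the list in one spot: `_DIGEST_HASHES = {'MD5': md5, 'SHA-256': sha256, 'SHA-512': sha512}` followed by `return _DIGEST_HASHES.get(algorithm, md5)(data).hexdigest()`. `H` also has no docstring; one line stating that it returns the hex digest and defaults to MD5 for unknown names would document the contract callers rely on.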
@@ -41,6 +41,8 @@ def _hash(data, algorithm):
 """Encode binary data according to specified algorithm, use MD5 by default"""
 if algorithm == 'SHA-256':
 return sha256(data).hexdigest()
+ elif algorithm == 'SHA-512':
+ return sha512(data).hexdigest()
 else:
 return md5(data).hexdigest()
@@ -65,7 +67,7 @@ def _make_digest_auth_header(username, password, method, uri, nonce,
 assert nonce
 assert method
 assert uri
- assert algorithm in ('MD5', 'SHA-256', None)
+ assert algorithm in ('MD5', 'SHA-256', 'SHA-512', None)
 a1 = ':'.join([username, realm or '', password])
 ha1 = _hash(a1.encode('utf-8'), algorithm)
@@ -282,7 +284,7 @@ class HttpbinTestCase(unittest.TestCase):
 username = 'user'
 password = 'passwd'
 for qop in None, 'auth', 'auth-int',:
- for algorithm in None, 'MD5', 'SHA-256':
+ for algorithm in None, 'MD5', 'SHA-256', 'SHA-512':
 for body in None, b'', b'request payload':
 for stale_after in (None, 1, 4) if algorithm else (None,) :
 self._test_digest_auth(username, password, qop, algorithm, body, stale_after)
@@ -371,7 +373,7 @@ class HttpbinTestCase(unittest.TestCase):
 username = 'user'
 password = 'passwd'
 for qop in None, 'auth', 'auth-int',:
- for algorithm in None, 'MD5', 'SHA-256':
+ for algorithm in None, 'MD5', 'SHA-256', 'SHA-512':
 for body in None, b'', b'request payload':
 self._test_digest_auth_wrong_pass(username, password, qop, algorithm, body, 3)
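Review bot: The loop at `@@ -282,7 +284,7 @@` in `HttpbinTestCase` (and the matching one at `@@ -371,7 +373,7 @@`) only iterates over names the server accepts, so nothing in the visible hunks pins what happens when an algorithm outside the allow-list is requested. Because `digest_auth` rewrites such values to `'MD5'`, a regression that changed or removed that fallback would go unnoticed. A separate case that requests an unlisted name and asserts on the algorithm the challenge advertises would cover it; it cannot reuse `_make_digest_auth_header` as is, since that helper asserts `algorithm in ('MD5', 'SHA-256', 'SHA-512', None)`. Both enclosing test methods start outside their hunks, so an existing test elsewhere in the file may already do this.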