use python sha and hmac built-in modules rather than those in python-crypto. Fixes #5294

Yann Leboulanger 2009-09-30 17:02:51 +02:00
parent a9c7731cbb
commit 3afea608e2
2 changed files with 12 additions and 11 deletions


@ -22,7 +22,7 @@
import os import os
import math import math
from Crypto.Hash import SHA256 from hashlib import sha256
# convert a large integer to a big-endian bitstring # convert a large integer to a big-endian bitstring
def encode_mpi(n): def encode_mpi(n):
@ -58,7 +58,7 @@ def decode_mpi(s):
return 256 * decode_mpi(s[:-1]) + ord(s[-1]) return 256 * decode_mpi(s[:-1]) + ord(s[-1])
def sha256(string): def sha256(string):
sh = SHA256.new() sh = sha256()
sh.update(string) sh.update(string)
return sh.digest() return sh.digest()
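Review bot: The wrapper `def sha256(string)` rebinds the module-level name `sha256` that the new `from hashlib import sha256` line introduces, so the `sha256()` call inside its body resolves to the wrapper itself and is invoked without its required argument, raising TypeError instead of hashing. Every remaining caller of `crypto.sha256` would hit this. Import the constructor under a different name, e.g. `from hashlib import sha256 as SHA256` with `sh = SHA256()` in the body, or use `import hashlib` and `return hashlib.sha256(string).digest()`. A one-line comment on the wrapper saying that it returns the raw digest bytes, not a hash object, would make the contract explicit for callers.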


@ -33,10 +33,11 @@ import string
import time import time
import base64 import base64
import os import os
from hashlib import sha256
from hmac import HMAC
if gajim.HAVE_PYCRYPTO: if gajim.HAVE_PYCRYPTO:
from Crypto.Cipher import AES from Crypto.Cipher import AES
from Crypto.Hash import HMAC, SHA256
from Crypto.PublicKey import RSA from Crypto.PublicKey import RSA
from common import crypto from common import crypto
@ -249,7 +250,7 @@ class EncryptedStanzaSession(StanzaSession):
def sign(self, string): def sign(self, string):
if self.negotiated['sign_algs'] == (XmlDsig + 'rsa-sha256'): if self.negotiated['sign_algs'] == (XmlDsig + 'rsa-sha256'):
hash_ = crypto.sha256(string) hash_ = sha256(string)
return crypto.encode_mpi(gajim.pubkey.sign(hash_, '')[0]) return crypto.encode_mpi(gajim.pubkey.sign(hash_, '')[0])
def encrypt_stanza(self, stanza): def encrypt_stanza(self, stanza):
@ -370,7 +371,7 @@ class EncryptedStanzaSession(StanzaSession):
if (not 1 < e < (p - 1)): if (not 1 < e < (p - 1)):
raise NegotiationError('invalid DH value') raise NegotiationError('invalid DH value')
return crypto.sha256(crypto.encode_mpi(crypto.powmod(e, y, p))) return sha256(crypto.encode_mpi(crypto.powmod(e, y, p)))
def c7lize_mac_id(self, form): def c7lize_mac_id(self, form):
kids = form.getChildren() kids = form.getChildren()
@ -434,7 +435,7 @@ class EncryptedStanzaSession(StanzaSession):
mac_o_calculated = self.hmac(self.ks_o, content) mac_o_calculated = self.hmac(self.ks_o, content)
if self.negotiated['recv_pubkey']: if self.negotiated['recv_pubkey']:
hash_ = crypto.sha256(mac_o_calculated) hash_ = sha256(mac_o_calculated)
if not eir_pubkey.verify(hash_, signature): if not eir_pubkey.verify(hash_, signature):
raise NegotiationError('public key signature verification failed!') raise NegotiationError('public key signature verification failed!')
@ -582,7 +583,7 @@ class EncryptedStanzaSession(StanzaSession):
self.sas_algs = 'sas28x5' self.sas_algs = 'sas28x5'
self.cipher = AES self.cipher = AES
self.hash_alg = SHA256 self.hash_alg = sha256
self.compression = None self.compression = None
for name in form.asDict(): for name in form.asDict():
@ -826,7 +827,7 @@ class EncryptedStanzaSession(StanzaSession):
e = crypto.decode_mpi(base64.b64decode(form['dhkeys'])) e = crypto.decode_mpi(base64.b64decode(form['dhkeys']))
p = dh.primes[self.modp] p = dh.primes[self.modp]
if crypto.sha256(crypto.encode_mpi(e)) != self.negotiated['He']: if sha256(crypto.encode_mpi(e)) != self.negotiated['He']:
raise NegotiationError('SHA256(e) != He') raise NegotiationError('SHA256(e) != He')
k = self.get_shared_secret(e, self.y, p) k = self.get_shared_secret(e, self.y, p)
@ -853,7 +854,7 @@ class EncryptedStanzaSession(StanzaSession):
# (we're not using one) # (we're not using one)
oss = '' oss = ''
k = crypto.sha256(k + srs + oss) k = sha256(k + srs + oss)
self.kc_s, self.km_s, self.ks_s = self.generate_responder_keys(k) self.kc_s, self.km_s, self.ks_s = self.generate_responder_keys(k)
self.kc_o, self.km_o, self.ks_o = self.generate_initiator_keys(k) self.kc_o, self.km_o, self.ks_o = self.generate_initiator_keys(k)
@ -905,7 +906,7 @@ class EncryptedStanzaSession(StanzaSession):
break break
oss = '' oss = ''
k = crypto.sha256(self.k + srs + oss) k = sha256(self.k + srs + oss)
del self.k del self.k
self.do_retained_secret(k, srs) self.do_retained_secret(k, srs)
@ -983,7 +984,7 @@ class EncryptedStanzaSession(StanzaSession):
dhs.append(base64.b64encode(crypto.encode_mpi(e))) dhs.append(base64.b64encode(crypto.encode_mpi(e)))
name = 'dhkeys' name = 'dhkeys'
else: else:
He = crypto.sha256(crypto.encode_mpi(e)) He = sha256(crypto.encode_mpi(e))
dhs.append(base64.b64encode(He)) dhs.append(base64.b64encode(He))
name = 'dhhashes' name = 'dhhashes'
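Review bot: The rewritten call sites in this file call hashlib's `sha256(...)` constructor directly, which returns a hash object, whereas the `crypto.sha256(...)` wrapper they replace returned the raw digest. As a result `sign()` and `verify()` receive an object instead of digest bytes, the `SHA256(e) != He` check compares an object with a string and so would always raise NegotiationError, the derived key `k` is no longer key bytes, and `base64.b64encode(He)` is handed a non-string. Each site should take the digest, e.g. `hash_ = sha256(string).digest()` and `k = sha256(k + srs + oss).digest()`, or keep calling `crypto.sha256`. The HMAC call sites are outside the shown hunks; if they use PyCrypto's `HMAC.new(...)`, note that the stdlib `HMAC` class has no `new` method (that is the module-level `hmac.new`), so this should be confirmed. The enclosing methods start and end outside these hunks.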