gajim: use python sha and hmac built-in modules rather than thos...

Wed, 30 Sep 2009 08:04:22 -0700 

changeset 116459faef6c in /home/hg/repos/gajim

details:http://hg.gajim.org/gajim?cmd=changeset;node=116459faef6c
description: use python sha and hmac built-in modules rather than those in 
python-crypto. Fixes #5294

diffstat:

 src/common/crypto.py         |   4 ++--
 src/common/stanza_session.py |  19 ++++++++++---------
 2 files changed, 12 insertions(+), 11 deletions(-)

diffs (109 lines):

diff -r 86374d2c4cc8 -r 116459faef6c src/common/crypto.py
--- a/src/common/crypto.py      Tue Sep 29 14:52:25 2009 +0200
+++ b/src/common/crypto.py      Wed Sep 30 17:02:51 2009 +0200
@@ -22,7 +22,7 @@
 import os
 import math
 
-from Crypto.Hash import SHA256
+from hashlib import sha256
 
 # convert a large integer to a big-endian bitstring
 def encode_mpi(n):
@@ -58,7 +58,7 @@
                return 256 * decode_mpi(s[:-1]) + ord(s[-1])
 
 def sha256(string):
-       sh = SHA256.new()
+       sh = sha256()
        sh.update(string)
        return sh.digest()
 
diff -r 86374d2c4cc8 -r 116459faef6c src/common/stanza_session.py
--- a/src/common/stanza_session.py      Tue Sep 29 14:52:25 2009 +0200
+++ b/src/common/stanza_session.py      Wed Sep 30 17:02:51 2009 +0200
@@ -33,10 +33,11 @@
 import time
 import base64
 import os
+from hashlib import sha256
+from hmac import HMAC
 
 if gajim.HAVE_PYCRYPTO:
        from Crypto.Cipher import AES
-       from Crypto.Hash import HMAC, SHA256
        from Crypto.PublicKey import RSA
        from common import crypto
 
@@ -249,7 +250,7 @@
 
        def sign(self, string):
                if self.negotiated['sign_algs'] == (XmlDsig + 'rsa-sha256'):
-                       hash_ = crypto.sha256(string)
+                       hash_ = sha256(string)
                        return crypto.encode_mpi(gajim.pubkey.sign(hash_, 
'')[0])
 
        def encrypt_stanza(self, stanza):
@@ -370,7 +371,7 @@
                if (not 1 < e < (p - 1)):
                        raise NegotiationError('invalid DH value')
 
-               return crypto.sha256(crypto.encode_mpi(crypto.powmod(e, y, p)))
+               return sha256(crypto.encode_mpi(crypto.powmod(e, y, p)))
 
        def c7lize_mac_id(self, form):
                kids = form.getChildren()
@@ -434,7 +435,7 @@
                mac_o_calculated = self.hmac(self.ks_o, content)
 
                if self.negotiated['recv_pubkey']:
-                       hash_ = crypto.sha256(mac_o_calculated)
+                       hash_ = sha256(mac_o_calculated)
 
                        if not eir_pubkey.verify(hash_, signature):
                                raise NegotiationError('public key signature 
verification failed!')
@@ -582,7 +583,7 @@
 
                self.sas_algs = 'sas28x5'
                self.cipher = AES
-               self.hash_alg = SHA256
+               self.hash_alg = sha256
                self.compression = None
 
                for name in form.asDict():
@@ -826,7 +827,7 @@
                e = crypto.decode_mpi(base64.b64decode(form['dhkeys']))
                p = dh.primes[self.modp]
 
-               if crypto.sha256(crypto.encode_mpi(e)) != self.negotiated['He']:
+               if sha256(crypto.encode_mpi(e)) != self.negotiated['He']:
                        raise NegotiationError('SHA256(e) != He')
 
                k = self.get_shared_secret(e, self.y, p)
@@ -853,7 +854,7 @@
                # (we're not using one)
                oss = ''
 
-               k = crypto.sha256(k + srs + oss)
+               k = sha256(k + srs + oss)
 
                self.kc_s, self.km_s, self.ks_s = 
self.generate_responder_keys(k)
                self.kc_o, self.km_o, self.ks_o = 
self.generate_initiator_keys(k)
@@ -905,7 +906,7 @@
                                break
 
                oss = ''
-               k = crypto.sha256(self.k + srs + oss)
+               k = sha256(self.k + srs + oss)
                del self.k
 
                self.do_retained_secret(k, srs)
@@ -983,7 +984,7 @@
                                
dhs.append(base64.b64encode(crypto.encode_mpi(e)))
                                name = 'dhkeys'
                        else:
-                               He = crypto.sha256(crypto.encode_mpi(e))
+                               He = sha256(crypto.encode_mpi(e))
                                dhs.append(base64.b64encode(He))
                                name = 'dhhashes'
 
_______________________________________________
Commits mailing list
[email protected]
http://lists.gajim.org/cgi-bin/listinfo/commits

Reply via email to