Merge pull request #15 from digitalocean/secrets-py3

Secrets py3
2024-05-10 07:54:54 +00:00 · 2016-06-23 09:08:27 -04:00
parent f9b499d83e f7e768d166
commit b8169d5ce3
2 changed files with 13 additions and 4 deletions
--- a/netbox/secrets/models.py
+++ b/netbox/secrets/models.py
@ -233,15 +233,23 @@ class Secret(CreatedUpdatedModel):
            pad_length = 16 - ((len(s) + 2) % 16)
        else:
            pad_length = 0
-        return chr(len(s) >> 8) + chr(len(s) % 256) + s + os.urandom(pad_length)
+        return (
+            chr(len(s) >> 8).encode() +
+            chr(len(s) % 256).encode() +
+            s.encode() +
+            os.urandom(pad_length)
+        )

    def _unpad(self, s):
        """
        Consume the first two bytes of s as a plaintext length indicator and return only that many bytes as the
        plaintext.
        """
-        plaintext_length = (ord(s[0]) << 8) + ord(s[1])
-        return s[2:plaintext_length + 2]
+        if isinstance(s[0], int):
+            plaintext_length = (s[0] << 8) + s[1]
+        elif isinstance(s[0], str):
+            plaintext_length = (ord(s[0]) << 8) + ord(s[1])
+        return s[2:plaintext_length + 2].decode()

    def encrypt(self, secret_key):
        """
--- a/netbox/secrets/tests/test_models.py
+++ b/netbox/secrets/tests/test_models.py
@ -6,6 +6,7 @@ from django.core.exceptions import ValidationError
 from django.test import TestCase

 from secrets.models import UserKey, Secret, generate_master_key, encrypt_master_key, decrypt_master_key
+from secrets.hashers import SecretValidationHasher


 class UserKeyTestCase(TestCase):
@ -100,7 +101,7 @@ class SecretTestCase(TestCase):
        # Ensure proper hashing algorithm is used
        hasher, iterations, salt, sha256 = s.hash.split('$')
        self.assertEqual(hasher, 'pbkdf2_sha256', "Hashing algorithm has been modified to: {}".format(hasher))
-        self.assertGreaterEqual(iterations, 24000, "Insufficient iteration count ({}) for hash".format(iterations))
+        self.assertGreaterEqual(int(iterations), SecretValidationHasher.iterations, "Insufficient iteration count ({}) for hash".format(iterations))
        self.assertGreaterEqual(len(salt), 12, "Hash salt is too short ({} chars)".format(len(salt)))

        # Test hash validation