mirror/netbox-community-netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2024-05-10 07:54:54 +00:00
Code Activity

Merge pull request #15 from digitalocean/secrets-py3

Browse Source 
Secrets py3
This commit is contained in:
Jeremy Stretch
2016-06-23 09:08:27 -04:00
committed by GitHub
parent f9b499d83e f7e768d166
commit b8169d5ce3
2 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
netbox/secrets/models.py
View File

@ -233,15 +233,23 @@ class Secret(CreatedUpdatedModel):
pad_length = 16 - ((len(s) + 2) % 16) pad_length = 16 - ((len(s) + 2) % 16)
else: else:
pad_length = 0 pad_length = 0
return chr(len(s) >> 8) + chr(len(s) % 256) + s + os.urandom(pad_length) return (
chr(len(s) >> 8).encode() +
chr(len(s) % 256).encode() +
s.encode() +
os.urandom(pad_length)
)
def _unpad(self, s): def _unpad(self, s):
""" """
Consume the first two bytes of s as a plaintext length indicator and return only that many bytes as the Consume the first two bytes of s as a plaintext length indicator and return only that many bytes as the
plaintext. plaintext.
""" """
plaintext_length = (ord(s[0]) << 8) + ord(s[1]) if isinstance(s[0], int):
return s[2:plaintext_length + 2] plaintext_length = (s[0] << 8) + s[1]
elif isinstance(s[0], str):
plaintext_length = (ord(s[0]) << 8) + ord(s[1])
return s[2:plaintext_length + 2].decode()
def encrypt(self, secret_key): def encrypt(self, secret_key):
""" """

3
netbox/secrets/tests/test_models.py
View File

@ -6,6 +6,7 @@ from django.core.exceptions import ValidationError
from django.test import TestCase from django.test import TestCase
from secrets.models import UserKey, Secret, generate_master_key, encrypt_master_key, decrypt_master_key from secrets.models import UserKey, Secret, generate_master_key, encrypt_master_key, decrypt_master_key
from secrets.hashers import SecretValidationHasher
class UserKeyTestCase(TestCase): class UserKeyTestCase(TestCase):
@ -100,7 +101,7 @@ class SecretTestCase(TestCase):
# Ensure proper hashing algorithm is used # Ensure proper hashing algorithm is used
hasher, iterations, salt, sha256 = s.hash.split('$') hasher, iterations, salt, sha256 = s.hash.split('$')
self.assertEqual(hasher, 'pbkdf2_sha256', "Hashing algorithm has been modified to: {}".format(hasher)) self.assertEqual(hasher, 'pbkdf2_sha256', "Hashing algorithm has been modified to: {}".format(hasher))
self.assertGreaterEqual(iterations, 24000, "Insufficient iteration count ({}) for hash".format(iterations)) self.assertGreaterEqual(int(iterations), SecretValidationHasher.iterations, "Insufficient iteration count ({}) for hash".format(iterations))
self.assertGreaterEqual(len(salt), 12, "Hash salt is too short ({} chars)".format(len(salt))) self.assertGreaterEqual(len(salt), 12, "Hash salt is too short ({} chars)".format(len(salt)))
# Test hash validation # Test hash validation