From a4cef60c49f510dbf6938a9275bfe8341237e438 Mon Sep 17 00:00:00 2001 From: mdipierro Date: Tue, 23 Oct 2012 10:13:17 -0500 Subject: [PATCH] reverted changs to utils --- VERSION | 2 +- gluon/contrib/aes.py | 115 +++++++++++++++++++------------------------ gluon/utils.py | 36 ++++---------- 3 files changed, 62 insertions(+), 91 deletions(-) diff --git a/VERSION b/VERSION index 3c945c5e..767f5e08 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -Version 2.2.1 (2012-10-23 10:11:28) stable +Version 2.2.1 (2012-10-23 10:13:13) stable diff --git a/gluon/contrib/aes.py b/gluon/contrib/aes.py index 9ca2a3b3..cecf2d90 100644 --- a/gluon/contrib/aes.py +++ b/gluon/contrib/aes.py @@ -45,16 +45,8 @@ there clears it up. # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. -# -# Ported to python 3 by Massimo Di Pierro -# #### -try: - import binascii # python 3 - str2hex = lambda s: binascii.b2a_hex(s.encode('utf8')) -except ImportError: # python 2 - str2hex = lambda s: s.decode('hex') from array import array @@ -444,70 +436,67 @@ gf_mul_by_14 = array('B', [galois_multiply(x, 14) for x in range(256)]) # # More information: http://en.wikipedia.org/wiki/Rijndael_S-box -aes_sbox = array( - 'B', - str2hex('637c777bf26b6fc53001672bfed7ab76' - 'ca82c97dfa5947f0add4a2af9ca472c0' - 'b7fd9326363ff7cc34a5e5f171d83115' - '04c723c31896059a071280e2eb27b275' - '09832c1a1b6e5aa0523bd6b329e32f84' - '53d100ed20fcb15b6acbbe394a4c58cf' - 'd0efaafb434d338545f9027f503c9fa8' - '51a3408f929d38f5bcb6da2110fff3d2' - 'cd0c13ec5f974417c4a77e3d645d1973' - '60814fdc222a908846eeb814de5e0bdb' - 'e0323a0a4906245cc2d3ac629195e479' - 'e7c8376d8dd54ea96c56f4ea657aae08' - 'ba78252e1ca6b4c6e8dd741f4bbd8b8a' - '703eb5664803f60e613557b986c11d9e' - 'e1f8981169d98e949b1e87e9ce5528df' - '8ca1890dbfe6426841992d0fb054bb16') +aes_sbox = array('B', + '637c777bf26b6fc53001672bfed7ab76' + 'ca82c97dfa5947f0add4a2af9ca472c0' + 'b7fd9326363ff7cc34a5e5f171d83115' + '04c723c31896059a071280e2eb27b275' + '09832c1a1b6e5aa0523bd6b329e32f84' + '53d100ed20fcb15b6acbbe394a4c58cf' + 'd0efaafb434d338545f9027f503c9fa8' + '51a3408f929d38f5bcb6da2110fff3d2' + 'cd0c13ec5f974417c4a77e3d645d1973' + '60814fdc222a908846eeb814de5e0bdb' + 'e0323a0a4906245cc2d3ac629195e479' + 'e7c8376d8dd54ea96c56f4ea657aae08' + 'ba78252e1ca6b4c6e8dd741f4bbd8b8a' + '703eb5664803f60e613557b986c11d9e' + 'e1f8981169d98e949b1e87e9ce5528df' + '8ca1890dbfe6426841992d0fb054bb16'.decode('hex') ) # This is the inverse of the above. In other words: # aes_inv_sbox[aes_sbox[val]] == val -aes_inv_sbox = array( - 'B', - str2hex('52096ad53036a538bf40a39e81f3d7fb' - '7ce339829b2fff87348e4344c4dee9cb' - '547b9432a6c2233dee4c950b42fac34e' - '082ea16628d924b2765ba2496d8bd125' - '72f8f66486689816d4a45ccc5d65b692' - '6c704850fdedb9da5e154657a78d9d84' - '90d8ab008cbcd30af7e45805b8b34506' - 'd02c1e8fca3f0f02c1afbd0301138a6b' - '3a9111414f67dcea97f2cfcef0b4e673' - '96ac7422e7ad3585e2f937e81c75df6e' - '47f11a711d29c5896fb7620eaa18be1b' - 'fc563e4bc6d279209adbc0fe78cd5af4' - '1fdda8338807c731b11210592780ec5f' - '60517fa919b54a0d2de57a9f93c99cef' - 'a0e03b4dae2af5b0c8ebbb3c83539961' - '172b047eba77d626e169146355210c7d') - ) +aes_inv_sbox = array('B', + '52096ad53036a538bf40a39e81f3d7fb' + '7ce339829b2fff87348e4344c4dee9cb' + '547b9432a6c2233dee4c950b42fac34e' + '082ea16628d924b2765ba2496d8bd125' + '72f8f66486689816d4a45ccc5d65b692' + '6c704850fdedb9da5e154657a78d9d84' + '90d8ab008cbcd30af7e45805b8b34506' + 'd02c1e8fca3f0f02c1afbd0301138a6b' + '3a9111414f67dcea97f2cfcef0b4e673' + '96ac7422e7ad3585e2f937e81c75df6e' + '47f11a711d29c5896fb7620eaa18be1b' + 'fc563e4bc6d279209adbc0fe78cd5af4' + '1fdda8338807c731b11210592780ec5f' + '60517fa919b54a0d2de57a9f93c99cef' + 'a0e03b4dae2af5b0c8ebbb3c83539961' + '172b047eba77d626e169146355210c7d'.decode('hex') +) # The Rcon table is used in AES's key schedule (key expansion) # It's a pre-computed table of exponentation of 2 in AES's finite field # # More information: http://en.wikipedia.org/wiki/Rijndael_key_schedule -aes_Rcon = array( - 'B', - str2hex('8d01020408102040801b366cd8ab4d9a' - '2f5ebc63c697356ad4b37dfaefc59139' - '72e4d3bd61c29f254a943366cc831d3a' - '74e8cb8d01020408102040801b366cd8' - 'ab4d9a2f5ebc63c697356ad4b37dfaef' - 'c5913972e4d3bd61c29f254a943366cc' - '831d3a74e8cb8d01020408102040801b' - '366cd8ab4d9a2f5ebc63c697356ad4b3' - '7dfaefc5913972e4d3bd61c29f254a94' - '3366cc831d3a74e8cb8d010204081020' - '40801b366cd8ab4d9a2f5ebc63c69735' - '6ad4b37dfaefc5913972e4d3bd61c29f' - '254a943366cc831d3a74e8cb8d010204' - '08102040801b366cd8ab4d9a2f5ebc63' - 'c697356ad4b37dfaefc5913972e4d3bd' - '61c29f254a943366cc831d3a74e8cb') +aes_Rcon = array('B', + '8d01020408102040801b366cd8ab4d9a' + '2f5ebc63c697356ad4b37dfaefc59139' + '72e4d3bd61c29f254a943366cc831d3a' + '74e8cb8d01020408102040801b366cd8' + 'ab4d9a2f5ebc63c697356ad4b37dfaef' + 'c5913972e4d3bd61c29f254a943366cc' + '831d3a74e8cb8d01020408102040801b' + '366cd8ab4d9a2f5ebc63c697356ad4b3' + '7dfaefc5913972e4d3bd61c29f254a94' + '3366cc831d3a74e8cb8d010204081020' + '40801b366cd8ab4d9a2f5ebc63c69735' + '6ad4b37dfaefc5913972e4d3bd61c29f' + '254a943366cc831d3a74e8cb8d010204' + '08102040801b366cd8ab4d9a2f5ebc63' + 'c697356ad4b37dfaefc5913972e4d3bd' + '61c29f254a943366cc831d3a74e8cb'.decode('hex') ) diff --git a/gluon/utils.py b/gluon/utils.py index df629463..3ef03909 100644 --- a/gluon/utils.py +++ b/gluon/utils.py @@ -21,32 +21,20 @@ import os import re import logging import socket +import cPickle import base64 import zlib -try: - import cPickle as pickle # python 2 -except ImportError: - import pickle # python 3 - - try: from Crypto.Cipher import AES except ImportError: - try: - from .aes import AES - except ImportError: - from contrib.aes import AES + from contrib import aes as AES try: from contrib.pbkdf2 import pbkdf2_hex HAVE_PBKDF2 = True except ImportError: - try: - from .pbkdf2 import pbkdf2_hex - HAVE_PBKDF2 = True - except (ImportError, ValueError): - HAVE_PBKDF2 = False + HAVE_PBKDF2 = False logger = logging.getLogger("web2py") @@ -127,7 +115,7 @@ def pad(s, n=32, padchar='.'): def secure_dumps(data, encryption_key, hash_key=None, compression_level=None): if not hash_key: hash_key = hashlib.sha1(encryption_key).hexdigest() - dump = pickle.dumps(data) + dump = cPickle.dumps(data) if compression_level: dump = zlib.compress(dump, compression_level) key = pad(encryption_key[:32]) @@ -153,8 +141,8 @@ def secure_loads(data, encryption_key, hash_key=None, compression_level=None): data = data.rstrip(' ') if compression_level: data = zlib.decompress(data) - return pickle.loads(data) - except (TypeError, pickle.UnpicklingError): + return cPickle.loads(data) + except (TypeError, cPickle.UnpicklingError): return None ### compute constant CTOKENS @@ -185,10 +173,7 @@ def initialize_urandom(): # try to add process-specific entropy frandom = open('/dev/urandom', 'wb') try: - try: - frandom.write(''.join(chr(t) for t in ctokens)) # python 2 - except: - frandom.write(bytes([]).join(bytes([t]) for t in ctokens)) # python 3 + frandom.write(''.join(chr(t) for t in ctokens)) finally: frandom.close() except IOError: @@ -200,11 +185,8 @@ def initialize_urandom(): """Cryptographically secure session management is not possible on your system because your system does not provide a cryptographically secure entropy source. This is not specific to web2py; consider deploying on a different operating system.""") - try: - packed = ''.join(chr(x) for x in ctokens) # python 2 - except: - packed = bytes([]).join(bytes([x]) for x in ctokens) # python 3 - unpacked_ctokens = struct.unpack('=QQ', packed) + unpacked_ctokens = struct.unpack('=QQ', string.join( + (chr(x) for x in ctokens), '')) return unpacked_ctokens, have_urandom UNPACKED_CTOKENS, HAVE_URANDOM = initialize_urandom()