python3: 'hex' is not an encoding anymore (#36995)

2019-10-16 14:33:16 +02:00 · 2019-10-16 14:33:16 +02:00 · b0765362b9
parent 20a9676ef2
commit b0765362b9
1 changed files with 6 additions and 6 deletions
--- a/src/authentic2/hashers.py
+++ b/src/authentic2/hashers.py
@ -17,7 +17,7 @@
 import hashlib
 import math
 import base64
-from binascii import hexlify
+from binascii import hexlify, unhexlify
 from collections import OrderedDict

 from django.contrib.auth import hashers
@ -180,17 +180,17 @@ def olap_password_to_dj(password):
 class OpenLDAPPasswordHasher(CommonPasswordHasher):
    def encode(self, password, salt):
        assert password
-        assert '$' not in salt
+        assert b'$' not in salt
        hash = self.digest(force_bytes(password + salt)).hexdigest()
        salt = force_text(hexlify(salt), encoding='ascii')
        return "%s$%s$%s" % (self.algorithm, salt, hash)

    def verify(self, password, encoded):
        algorithm, salt, hash = encoded.split('$', 2)
-        hash = hash.decode('hex')
-        salt = salt.decode('hex')
+        hash = unhexlify(hash)
+        salt = unhexlify(salt)
        assert algorithm == self.algorithm
-        encoded_2 = self.encode(password, salt)
+        encoded_2 = self.encode(force_bytes(password), salt)
        return constant_time_compare(encoded, encoded_2)


@ -238,7 +238,7 @@ class JoomlaPasswordHasher(CommonPasswordHasher):

    def verify(self, password, encoded):
        algorithm, subalgo, salt, hash = encoded.split('$', 3)
-        salt = salt.decode('hex')
+        salt = unhexlify(salt)
        if algorithm != self.algorithm:
            raise ValueError('not a joomla encoded password')
        encoded_2 = self.encode(password, salt)