utils: switch to pycryptodomex, replace Crypto with Cryptodome (#43563)
This commit is contained in:
parent
91b89e6ed5
commit
7494896e9f
|
@ -35,7 +35,7 @@ from django.utils import timezone, dateparse, six
|
||||||
from django.core.mail import EmailMultiAlternatives
|
from django.core.mail import EmailMultiAlternatives
|
||||||
from django.urls import reverse
|
from django.urls import reverse
|
||||||
from django.core.exceptions import ObjectDoesNotExist, PermissionDenied, ValidationError
|
from django.core.exceptions import ObjectDoesNotExist, PermissionDenied, ValidationError
|
||||||
from django.utils.encoding import python_2_unicode_compatible
|
from django.utils.encoding import force_bytes, python_2_unicode_compatible
|
||||||
from django.utils.formats import localize
|
from django.utils.formats import localize
|
||||||
from django.utils.http import urlencode
|
from django.utils.http import urlencode
|
||||||
from django.utils.six.moves.urllib import parse as urlparse
|
from django.utils.six.moves.urllib import parse as urlparse
|
||||||
|
@ -458,7 +458,7 @@ class RemoteItem(object):
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def crypto_id(self):
|
def crypto_id(self):
|
||||||
return aes_hex_encrypt(settings.SECRET_KEY, str(self.id))
|
return aes_hex_encrypt(settings.SECRET_KEY, force_bytes(str(self.id)))
|
||||||
|
|
||||||
|
|
||||||
class Transaction(models.Model):
|
class Transaction(models.Model):
|
||||||
|
|
|
@ -16,9 +16,9 @@
|
||||||
|
|
||||||
import binascii
|
import binascii
|
||||||
|
|
||||||
from Crypto.Cipher import AES
|
from Cryptodome.Cipher import AES
|
||||||
from Crypto.Protocol.KDF import PBKDF2
|
from Cryptodome.Protocol.KDF import PBKDF2
|
||||||
from Crypto import Random
|
from Cryptodome import Random
|
||||||
|
|
||||||
from django.utils import six
|
from django.utils import six
|
||||||
from django.utils.encoding import force_text
|
from django.utils.encoding import force_text
|
||||||
|
|
1
setup.py
1
setup.py
|
@ -164,6 +164,7 @@ setup(
|
||||||
'django-ratelimit<3',
|
'django-ratelimit<3',
|
||||||
'sorl-thumbnail',
|
'sorl-thumbnail',
|
||||||
'Pillow',
|
'Pillow',
|
||||||
|
'pycryptodomex',
|
||||||
'pyproj',
|
'pyproj',
|
||||||
'pywebpush',
|
'pywebpush',
|
||||||
'pygal',
|
'pygal',
|
||||||
|
|
|
@ -13,7 +13,7 @@ from django.test import override_settings
|
||||||
from django.urls import reverse
|
from django.urls import reverse
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.core.management import call_command
|
from django.core.management import call_command
|
||||||
from django.utils.encoding import force_text
|
from django.utils.encoding import force_bytes, force_text
|
||||||
from django.utils.six.moves.urllib import parse as urlparse
|
from django.utils.six.moves.urllib import parse as urlparse
|
||||||
from django.utils.timezone import timedelta, now
|
from django.utils.timezone import timedelta, now
|
||||||
from django.contrib.auth.models import User
|
from django.contrib.auth.models import User
|
||||||
|
@ -220,7 +220,7 @@ def test_remote_regie_past_invoices_cell(mock_send, remote_regie):
|
||||||
@mock.patch('combo.apps.lingo.models.requests.get')
|
@mock.patch('combo.apps.lingo.models.requests.get')
|
||||||
def test_anonymous_successful_item_payment(mock_get, mock_pay_invoice, app, remote_regie):
|
def test_anonymous_successful_item_payment(mock_get, mock_pay_invoice, app, remote_regie):
|
||||||
assert remote_regie.is_remote() == True
|
assert remote_regie.is_remote() == True
|
||||||
encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, 'F201601')
|
encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, force_bytes('F201601'))
|
||||||
# invoice with amount_paid
|
# invoice with amount_paid
|
||||||
invoices = copy.deepcopy(INVOICES)
|
invoices = copy.deepcopy(INVOICES)
|
||||||
invoices[0]['amount'] = '100.00'
|
invoices[0]['amount'] = '100.00'
|
||||||
|
@ -294,7 +294,7 @@ def test_anonymous_successful_item_payment(mock_get, mock_pay_invoice, app, remo
|
||||||
@mock.patch('combo.apps.lingo.models.requests.get')
|
@mock.patch('combo.apps.lingo.models.requests.get')
|
||||||
def test_anonymous_item_payment_email_error(mock_get, app, remote_regie):
|
def test_anonymous_item_payment_email_error(mock_get, app, remote_regie):
|
||||||
assert remote_regie.is_remote() == True
|
assert remote_regie.is_remote() == True
|
||||||
encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, 'F201601')
|
encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, force_bytes('F201601'))
|
||||||
mock_json = mock.Mock()
|
mock_json = mock.Mock()
|
||||||
mock_json.json.return_value = {'err': 0, 'data': INVOICES[0]}
|
mock_json.json.return_value = {'err': 0, 'data': INVOICES[0]}
|
||||||
mock_get.return_value = mock_json
|
mock_get.return_value = mock_json
|
||||||
|
@ -363,7 +363,7 @@ def test_remote_item_payment_failure(mock_post, mock_get, mock_pay_invoice, app,
|
||||||
page = Page(title='xxx', slug='active-remote-invoices-page', template_name='standard')
|
page = Page(title='xxx', slug='active-remote-invoices-page', template_name='standard')
|
||||||
page.save()
|
page.save()
|
||||||
assert remote_regie.is_remote()
|
assert remote_regie.is_remote()
|
||||||
encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, 'F201601')
|
encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, force_bytes('F201601'))
|
||||||
mock_json = mock.Mock()
|
mock_json = mock.Mock()
|
||||||
mock_json.json.return_value = {'err': 0, 'data': INVOICES[0]}
|
mock_json.json.return_value = {'err': 0, 'data': INVOICES[0]}
|
||||||
mock_get.return_value = mock_json
|
mock_get.return_value = mock_json
|
||||||
|
@ -432,7 +432,7 @@ def test_remote_invoice_successfull_payment_redirect(mock_get, mock_pay_invoice,
|
||||||
page = Page(title='xxx', slug='active-remote-invoices-page', template_name='standard')
|
page = Page(title='xxx', slug='active-remote-invoices-page', template_name='standard')
|
||||||
page.save()
|
page.save()
|
||||||
assert remote_regie.is_remote()
|
assert remote_regie.is_remote()
|
||||||
encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, 'F201601')
|
encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, force_bytes('F201601'))
|
||||||
mock_json = mock.Mock()
|
mock_json = mock.Mock()
|
||||||
mock_json.json.return_value = {'err': 0, 'data': INVOICES[0]}
|
mock_json.json.return_value = {'err': 0, 'data': INVOICES[0]}
|
||||||
mock_get.return_value = mock_json
|
mock_get.return_value = mock_json
|
||||||
|
|
|
@ -7,6 +7,7 @@ from django.test import override_settings
|
||||||
from django.template import Context, RequestContext
|
from django.template import Context, RequestContext
|
||||||
from django.test.client import RequestFactory
|
from django.test.client import RequestFactory
|
||||||
from django.contrib.auth.models import AnonymousUser
|
from django.contrib.auth.models import AnonymousUser
|
||||||
|
from django.utils.encoding import force_bytes
|
||||||
|
|
||||||
|
|
||||||
class MockUser(object):
|
class MockUser(object):
|
||||||
|
@ -25,7 +26,7 @@ class MockUser(object):
|
||||||
def test_crypto_url():
|
def test_crypto_url():
|
||||||
invoice_id = '12-1234'
|
invoice_id = '12-1234'
|
||||||
key = settings.SECRET_KEY
|
key = settings.SECRET_KEY
|
||||||
assert aes_hex_decrypt(key, aes_hex_encrypt(key, invoice_id)) == invoice_id
|
assert aes_hex_decrypt(key, aes_hex_encrypt(key, force_bytes(invoice_id))) == invoice_id
|
||||||
|
|
||||||
|
|
||||||
def test_templated_url():
|
def test_templated_url():
|
||||||
|
|
Loading…
Reference in New Issue