diff options
author | Josh Hoyt <josh@janrain.com> | 2006-07-20 21:03:54 +0000 |
---|---|---|
committer | Josh Hoyt <josh@janrain.com> | 2006-07-20 21:03:54 +0000 |
commit | 9ba2ef11abd8c181331026fe0e56dcc966d5fc2b (patch) | |
tree | 78fa8b730493534c03f4fbf172e2a182fc55c914 /openid/association.py | |
parent | 90607d29f1f434c28c2b7937b535a8e1952eb1fd (diff) | |
download | openid-9ba2ef11abd8c181331026fe0e56dcc966d5fc2b.tar.gz |
[project @ Added support for HMAC-SHA256 and DH-SHA256 in the consumer]
Diffstat (limited to 'openid/association.py')
-rw-r--r-- | openid/association.py | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/openid/association.py b/openid/association.py index 45120f4..2795306 100644 --- a/openid/association.py +++ b/openid/association.py @@ -14,15 +14,15 @@ if hasattr(cryptutil, 'hmacSha256'): supported_association_types = list(all_association_types) default_association_order = [ - ('HMAC-SHA256', 'DH-SHA256'), ('HMAC-SHA1', 'DH-SHA1'), - ('HMAC-SHA256', 'no-encryption'), + ('HMAC-SHA256', 'DH-SHA256'), ('HMAC-SHA1', 'no-encryption'), + ('HMAC-SHA256', 'no-encryption'), ] only_encrypted_association_order = [ - ('HMAC-SHA256', 'DH-SHA256'), ('HMAC-SHA1', 'DH-SHA1'), + ('HMAC-SHA256', 'DH-SHA256'), ] else: supported_association_types = ['HMAC-SHA1'] @@ -99,6 +99,14 @@ class SessionNegotiator(object): default_negotiator = SessionNegotiator(default_association_order) encrypted_negotiator = SessionNegotiator(only_encrypted_association_order) +def getSecretSize(assoc_type): + if assoc_type == 'HMAC-SHA1': + return 20 + elif assoc_type == 'HMAC-SHA256': + return 32 + else: + raise ValueError('Unsupported association type: %r' % (assoc_type,)) + class Association(object): """ This class represents an association between a server and a @@ -156,6 +164,7 @@ class Association(object): 'assoc_type', ] + def fromExpiresIn(cls, expires_in, handle, secret, assoc_type): """ This is an alternate constructor used by the OpenID consumer @@ -238,6 +247,11 @@ class Association(object): fmt = '%r is not a supported association type' raise ValueError(fmt % (assoc_type,)) +# secret_size = getSecretSize(assoc_type) +# if len(secret) != secret_size: +# fmt = 'Wrong size secret (%s bytes) for association type %s' +# raise ValueError(fmt % (len(secret), assoc_type)) + self.handle = handle self.secret = secret self.issued = issued |