(connection, authkey: bytes, digest_name='sha256')
| 964 | |
| 965 | |
| 966 | def deliver_challenge(connection, authkey: bytes, digest_name='sha256'): |
| 967 | if not isinstance(authkey, bytes): |
| 968 | raise ValueError( |
| 969 | "Authkey must be bytes, not {0!s}".format(type(authkey))) |
| 970 | assert MESSAGE_LENGTH > _MD5ONLY_MESSAGE_LENGTH, "protocol constraint" |
| 971 | message = os.urandom(MESSAGE_LENGTH) |
| 972 | message = b'{%s}%s' % (digest_name.encode('ascii'), message) |
| 973 | # Even when sending a challenge to a legacy client that does not support |
| 974 | # digest prefixes, they'll take the entire thing as a challenge and |
| 975 | # respond to it with a raw HMAC-MD5. |
| 976 | connection.send_bytes(_CHALLENGE + message) |
| 977 | response = connection.recv_bytes(256) # reject large message |
| 978 | try: |
| 979 | _verify_challenge(authkey, message, response) |
| 980 | except AuthenticationError: |
| 981 | connection.send_bytes(_FAILURE) |
| 982 | raise |
| 983 | else: |
| 984 | connection.send_bytes(_WELCOME) |
| 985 | |
| 986 | |
| 987 | def answer_challenge(connection, authkey: bytes): |
no test coverage detected
searching dependent graphs…