'CVS: tmda/TMDA ChangeLog,1.61,1.62 Cookie.py,1.7,1.8 Defaults.py,1.55,1.56'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tmda-cvs
Subject:    CVS: tmda/TMDA ChangeLog,1.61,1.62 Cookie.py,1.7,1.8 Defaults.py,1.55,1.56
From:       "Jason R. Mastaler" <jasonrm () users ! sourceforge ! net>
Date:       2001-09-19 16:23:40
[Download RAW message or body]

Update of /cvsroot/tmda/tmda/TMDA
In directory usw-pr-cvs1:/tmp/cvs-serv1511/TMDA

Modified Files:
	ChangeLog Cookie.py Defaults.py 
Log Message:
Add support for variable length HMACs.  This was done for flexibility
in cases where the default HMAC size (24-bit) was not commensurate
with the requirements of the local security policy.


Index: ChangeLog
===================================================================
RCS file: /cvsroot/tmda/tmda/TMDA/ChangeLog,v
retrieving revision 1.61
retrieving revision 1.62
diff -u -r1.61 -r1.62
--- ChangeLog	2001/09/17 23:09:23	1.61
+++ ChangeLog	2001/09/19 16:23:38	1.62
@@ -1,3 +1,15 @@
+2001-09-18  Jason R. Mastaler  <jasonrm@nightshade.la.mastaler.com>
+
+	* Cookie.py (make_sender_cookie): Support variable length HMACs
+	via HMAC_BYTES.
+
+	(confirmationmac): Ditto.
+
+	(datemac): Ditto.
+
+	* Defaults.py (HMAC_BYTES): New variable specifying the number of
+	bytes for all HMACs.
+
 2001-09-17  Jason R. Mastaler  <jasonrm@nightshade.la.mastaler.com>
 
 	* Defaults.py (TMDA_VERSION): Begin 0.37 development.

Index: Cookie.py
===================================================================
RCS file: /cvsroot/tmda/tmda/TMDA/Cookie.py,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- Cookie.py	2001/08/24 22:01:23	1.7
+++ Cookie.py	2001/09/19 16:23:38	1.8
@@ -20,7 +20,7 @@
     chmac.update(pid)
     if keyword:
         chmac.update(keyword)
-    return Util.hexlify(chmac.digest()[:3])
+    return Util.hexlify(chmac.digest()[:Defaults.HMAC_BYTES])
 
 
 def make_confirm_cookie(time,pid,keyword=None):
@@ -42,7 +42,7 @@
 
 def datemac(time):
     """Expects time as a string, and returns an HMAC in hex."""
-    datemac = HMAC.new(Defaults.CRYPT_KEY,time).digest()[:3]
+    datemac = HMAC.new(Defaults.CRYPT_KEY,time).digest()[:Defaults.HMAC_BYTES]
     return Util.hexlify(datemac)
 
 
@@ -66,7 +66,8 @@
 
 def make_sender_cookie(address):
     """Return a sender-style cookie based on the given address."""
-    sender_cookie = HMAC.new(Defaults.CRYPT_KEY,address).digest()[:3]
+    sender_cookie = HMAC.new(Defaults.CRYPT_KEY,
+                             address).digest()[:Defaults.HMAC_BYTES]
     return Util.hexlify(sender_cookie)
 
 

Index: Defaults.py
===================================================================
RCS file: /cvsroot/tmda/tmda/TMDA/Defaults.py,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- Defaults.py	2001/09/17 23:09:23	1.55
+++ Defaults.py	2001/09/19 16:23:38	1.56
@@ -203,6 +203,14 @@
 if not vars().has_key('FULLNAME'):
     FULLNAME = Util.getfullname()
 
+# HMAC_BYTES
+# An integer which determines the length of the HMACs used in TMDA's
+# "cookies".  Read the `CRYPTO' file for more information.  Changing
+# this value will will invalidate all previously generated HMACs.
+# Default is 3 (24-bit HMACs)
+if not vars().has_key('HMAC_BYTES'):
+    HMAC_BYTES = 3
+
 # HOSTNAME
 # The right-hand side of your email address (after `@').
 # Defaults to the fully qualified domain name of the localhost.


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic