(connection, authkey: bytes, digest_name='sha256')
| 926 | |
| 927 | |
| 928 | def deliver_challenge(connection, authkey: bytes, digest_name='sha256'): |
| 929 | if not isinstance(authkey, bytes): |
| 930 | raise ValueError( |
| 931 | "Authkey must be bytes, not {0!s}".format(type(authkey))) |
| 932 | assert MESSAGE_LENGTH > _MD5ONLY_MESSAGE_LENGTH, "protocol constraint" |
| 933 | message = os.urandom(MESSAGE_LENGTH) |
| 934 | message = b'{%s}%s' % (digest_name.encode('ascii'), message) |
| 935 | # Even when sending a challenge to a legacy client that does not support |
| 936 | # digest prefixes, they'll take the entire thing as a challenge and |
| 937 | # respond to it with a raw HMAC-MD5. |
| 938 | connection.send_bytes(_CHALLENGE + message) |
| 939 | response = connection.recv_bytes(256) # reject large message |
| 940 | try: |
| 941 | _verify_challenge(authkey, message, response) |
| 942 | except AuthenticationError: |
| 943 | connection.send_bytes(_FAILURE) |
| 944 | raise |
| 945 | else: |
| 946 | connection.send_bytes(_WELCOME) |
| 947 | |
| 948 | |
| 949 | def answer_challenge(connection, authkey: bytes): |
no test coverage detected