[Erp5-report] r43863 kazuhiko - /erp5/trunk/products/ERP5Security/ERP5KeyAuthPlugin.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Tue Mar 1 17:08:29 CET 2011
Author: kazuhiko
Date: Tue Mar 1 17:08:29 2011
New Revision: 43863
URL: http://svn.erp5.org?rev=43863&view=rev
Log:
use urlsafe_b64 instead of b32 for even shorter key but still url safe.
Modified:
erp5/trunk/products/ERP5Security/ERP5KeyAuthPlugin.py
Modified: erp5/trunk/products/ERP5Security/ERP5KeyAuthPlugin.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Security/ERP5KeyAuthPlugin.py?rev=43863&r1=43862&r2=43863&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Security/ERP5KeyAuthPlugin.py [utf8] (original)
+++ erp5/trunk/products/ERP5Security/ERP5KeyAuthPlugin.py [utf8] Tue Mar 1 17:08:29 2011
@@ -56,7 +56,7 @@ from Products.ERP5Security.ERP5UserManag
_AuthenticationFailure
from Crypto.Cipher import AES
-from base64 import b32decode, b32encode
+from base64 import urlsafe_b64decode, urlsafe_b64encode
class AESCipher:
mode = AES.MODE_CFB
@@ -67,11 +67,11 @@ class AESCipher:
def encrypt(self, login):
encryptor = AES.new(self.encryption_key, self.mode)
- return b32encode(encryptor.encrypt(login.ljust(((len(login)-1)/16+1)*16)))
+ return urlsafe_b64encode(encryptor.encrypt(login.ljust(((len(login)-1)/16+1)*16)))
def decrypt(self, crypted_login):
decryptor = AES.new(self.encryption_key, self.mode)
- return decryptor.decrypt(b32decode(crypted_login)).rstrip()
+ return decryptor.decrypt(urlsafe_b64decode(crypted_login)).rstrip()
# This cipher is weak. Do not use.
class CesarCipher:
More information about the Erp5-report
mailing list