search

cocagne / pysrp

Python implementation of the Secure Remote Password protocol (SRP)
MIT License
113 stars 42 forks source link

#28 Fix to avoid TypeError exception #30

Closed jonasao closed 6 years ago

jonasao commented 6 years ago

Converted both username and password arguments to byte arrays upon contatenating them to the string sent to the digest() method of the hash_class. Converted str to byte array in call to h.update() in the calculate_M() method.

cocagne commented 6 years ago

Fixed. (I think)

On Wed, Apr 4, 2018 at 2:50 PM, Alan Dragomirecký notifications@github.com wrote:

This merge-request broke the library for Python 3, as username and password are expected to be bytes objects thus not having an encode() method. 😞

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/cocagne/pysrp/pull/30#issuecomment-378723874, or mute the thread https://github.com/notifications/unsubscribe-auth/ABrLfJrbL8qVZ6PzVp0k-Sf1szXlgUtbks5tlSQigaJpZM4PXH07 .

dragomirecky commented 6 years ago

Ha, thanks for having a look even when I deleted the comment :). After I wrote it, I realized this merge request is from September 2017 but my fork of the library from January 2018 did not have the problem. I wanted to get back to it today.

Have you done some changes to git history or what reintroduced the problem?

Nevertheless, one more thanks for fixing it so quickly :)

cocagne commented 6 years ago

Honestly, I couldn't get it to reproduce the problem in my Python 3 virtualenv but I almost never use py3 so I assumed I was likely doing something wrong. Fortunately, it looked like an easy and low-risk solution was available so I implemented that just in case.

On Thu, 5 Apr 2018, 6:06 AM Alan Dragomirecký, notifications@github.com wrote:

Ha, thanks for having a look even when I deleted the comment :). After I wrote it, I realized this merge request is from September 2017 but my fork of the library from January 2018 did not have the problem. I wanted to get back to it today.

Have you done some changes to git history or what reintroduced the problem?

Nevertheless, one more thanks for fixing it so quickly :)

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/cocagne/pysrp/pull/30#issuecomment-378899779, or mute the thread https://github.com/notifications/unsubscribe-auth/ABrLfCi0OWay76GfQWvdTe5899SPwOu4ks5tlfq4gaJpZM4PXH07 .

dragomirecky commented 6 years ago

Steps to reproduce:

  1. pip install --upgrade --force-reinstall srp==1.0.11
  2. python -c 'import srp; srp.create_salted_verification_key(b"user", b"password")'

That is all it takes (Python 3.6.1).

I just confirmed that your update fixes the issue. Thank you.