Python hashlib.sha1() Examples

The following are 30 code examples of hashlib.sha1(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module hashlib , or try the search function .
Example #1
Source File: can_haz_image.py    From macops with Apache License 2.0 7 votes vote down vote up
def GetFileChecksum(self, filepath):
    """Generates checksum of given file.

    Args:
      filepath: String of filepath.

    Returns:
      f_hash: SHA1 hash for the file provided in filepath.
    """
    statinfo = os.stat(filepath)
    if statinfo.st_size/1048576 < 200:
      f_content = open(filepath, 'r').read()
      f_hash = hashlib.sha1(f_content).hexdigest()
      return f_hash
    else:
      cmd = ['shasum', filepath]
      (stdout, unused_sterr, unused_rc) = RunProcess(cmd)
      return stdout.split()[0] 
Example #2
Source File: WXBizMsgCrypt_py3.py    From TaskBot with GNU General Public License v3.0 7 votes vote down vote up
def getSHA1(self, token, timestamp, nonce, encrypt):
        """用SHA1算法生成安全签名
        @param token:  票据
        @param timestamp: 时间戳
        @param encrypt: 密文
        @param nonce: 随机字符串
        @return: 安全签名
        """
        try:
            token = token.decode()
            sortlist = [token, timestamp, nonce, encrypt]
            sortlist.sort()
            sha = hashlib.sha1()
            sha.update("".join(sortlist).encode("utf8"))
            return ierror.WXBizMsgCrypt_OK, sha.hexdigest()
        except Exception as e:
            print(e)
            return ierror.WXBizMsgCrypt_ComputeSignature_Error, None 
Example #3
Source File: auth.py    From tornado-zh with MIT License 6 votes vote down vote up
def _oauth_signature(consumer_token, method, url, parameters={}, token=None):
    """Calculates the HMAC-SHA1 OAuth signature for the given request.

    See http://oauth.net/core/1.0/#signing_process
    """
    parts = urlparse.urlparse(url)
    scheme, netloc, path = parts[:3]
    normalized_url = scheme.lower() + "://" + netloc.lower() + path

    base_elems = []
    base_elems.append(method.upper())
    base_elems.append(normalized_url)
    base_elems.append("&".join("%s=%s" % (k, _oauth_escape(str(v)))
                               for k, v in sorted(parameters.items())))
    base_string = "&".join(_oauth_escape(e) for e in base_elems)

    key_elems = [escape.utf8(consumer_token["secret"])]
    key_elems.append(escape.utf8(token["secret"] if token else ""))
    key = b"&".join(key_elems)

    hash = hmac.new(key, escape.utf8(base_string), hashlib.sha1)
    return binascii.b2a_base64(hash.digest())[:-1] 
Example #4
Source File: utils.py    From dynamic-training-with-apache-mxnet-on-aws with Apache License 2.0 6 votes vote down vote up
def check_sha1(filename, sha1_hash):
    """Check whether the sha1 hash of the file content matches the expected hash.

    Parameters
    ----------
    filename : str
        Path to the file.
    sha1_hash : str
        Expected sha1 hash in hexadecimal digits.

    Returns
    -------
    bool
        Whether the file content matches the expected hash.
    """
    sha1 = hashlib.sha1()
    with open(filename, 'rb') as f:
        while True:
            data = f.read(1048576)
            if not data:
                break
            sha1.update(data)

    return sha1.hexdigest() == sha1_hash 
Example #5
Source File: ipmisim.py    From ipmisim with Apache License 2.0 6 votes vote down vote up
def _got_rakp3(self, data):
        RmRc = struct.pack('B' * len(self.Rm + self.Rc), *(self.Rm + self.Rc))
        self.sik = hmac.new(self.kg, RmRc + struct.pack("2B", self.rolem, len(self.username)) +
                            self.username, hashlib.sha1).digest()
        self.session.k1 = hmac.new(self.sik, '\x01' * 20, hashlib.sha1).digest()
        self.session.k2 = hmac.new(self.sik, '\x02' * 20, hashlib.sha1).digest()
        self.session.aeskey = self.session.k2[0:16]

        hmacdata = struct.pack('B' * len(self.Rc), *self.Rc) + struct.pack("4B", *self.clientsessionid) +\
            struct.pack("2B", self.rolem, len(self.username)) + self.username
        expectedauthcode = hmac.new(self.kuid, hmacdata, hashlib.sha1).digest()
        authcode = struct.pack("%dB" % len(data[8:]), *data[8:])
        if expectedauthcode != authcode:
            self.close_server_session()
            return
        clienttag = data[0]
        if data[1] != 0:
            self.close_server_session()
            return
        self.session.localsid = struct.unpack('<I', struct.pack('4B', *self.managedsessionid))[0]

        logger.debug('IPMI rakp3 request')
        self.session.ipmicallback = self.handle_client_request
        self._send_rakp4(clienttag, 0) 
Example #6
Source File: molecule.py    From QCElemental with BSD 3-Clause "New" or "Revised" License 6 votes vote down vote up
def get_hash(self):
        """
        Returns the hash of the molecule.
        """

        m = hashlib.sha1()
        concat = ""

        np.set_printoptions(precision=16)
        for field in self.hash_fields:
            data = getattr(self, field)
            if field == "geometry":
                data = float_prep(data, GEOMETRY_NOISE)
            elif field == "fragment_charges":
                data = float_prep(data, CHARGE_NOISE)
            elif field == "molecular_charge":
                data = float_prep(data, CHARGE_NOISE)
            elif field == "masses":
                data = float_prep(data, MASS_NOISE)

            concat += json.dumps(data, default=lambda x: x.ravel().tolist())

        m.update(concat.encode("utf-8"))
        return m.hexdigest() 
Example #7
Source File: history.py    From gazetteer with MIT License 6 votes vote down vote up
def generate_history(gz_file, dump_path, place_index):
    f = gzip.open(gz_file, 'rb')
    uid = uuid.uuid4()
    unique_name = uid.hex
    dump = Dump(dump_path + "/historydump/history"+unique_name+".%04d.json.gz")
    histindex = place_index+"-history"  #i.e. gazetest2-history
    
    for line in f:
        index_json = line
        doc_id = json.loads(index_json)["index"]["_id"]
        
        doc_json = f.next()  #nextline
        doc = json.loads(doc_json)

        digest = hashlib.sha1(json.dumps(doc, sort_keys=True)).hexdigest()

        #SAVE HISTORY (the records tied to a place which have revisions)
        history_doc = {"index" : place_index, "type": "place", "id" : doc_id, "revisions": [{"user_created":"ETL", "created_at":time.time(),"digest":digest}]}
        
        dump.write_bulk(histindex, "place", doc_id, history_doc)

    f.close()
    dump.close() 
Example #8
Source File: WXBizMsgCrypt_py3.py    From TaskBot with GNU General Public License v3.0 6 votes vote down vote up
def EncryptMsg(self, sReplyMsg, sNonce, timestamp=None):
        # 将公众号回复用户的消息加密打包
        # @param sReplyMsg: 企业号待回复用户的消息,xml格式的字符串
        # @param sTimeStamp: 时间戳,可以自己生成,也可以用URL参数的timestamp,如为None则自动用当前时间
        # @param sNonce: 随机串,可以自己生成,也可以用URL参数的nonce
        # sEncryptMsg: 加密后的可以直接回复用户的密文,包括msg_signature, timestamp, nonce, encrypt的xml格式的字符串,
        # return:成功0,sEncryptMsg,失败返回对应的错误码None
        pc = Prpcrypt(self.key)
        ret, encrypt = pc.encrypt(sReplyMsg, self.appid)
        if ret != 0:
            return ret, None
        if timestamp is None:
            timestamp = str(int(time.time()))
        # 生成安全签名
        sha1 = SHA1()
        ret, signature = sha1.getSHA1(self.token, timestamp, sNonce, encrypt)

        if ret != 0:
            return ret, None
        xmlParse = XMLParse()
        return ret, xmlParse.generate(encrypt, signature, timestamp, sNonce) 
Example #9
Source File: WXBizMsgCrypt_py3.py    From TaskBot with GNU General Public License v3.0 6 votes vote down vote up
def DecryptMsg(self, sPostData, sMsgSignature, sTimeStamp, sNonce):
        # 检验消息的真实性,并且获取解密后的明文
        # @param sMsgSignature: 签名串,对应URL参数的msg_signature
        # @param sTimeStamp: 时间戳,对应URL参数的timestamp
        # @param sNonce: 随机串,对应URL参数的nonce
        # @param sPostData: 密文,对应POST请求的数据
        #  xml_content: 解密后的原文,当return返回0时有效
        # @return: 成功0,失败返回对应的错误码
        # 验证安全签名
        xmlParse = XMLParse()
        ret, encrypt, touser_name = xmlParse.extract(sPostData)
        if ret != 0:
            return ret, None
        sha1 = SHA1()
        ret, signature = sha1.getSHA1(self.token, sTimeStamp, sNonce, encrypt)
        if ret != 0:
            return ret, None
        if not signature == sMsgSignature:
            return ierror.WXBizMsgCrypt_ValidateSignature_Error, None
        pc = Prpcrypt(self.key)
        ret, xml_content = pc.decrypt(encrypt, self.appid)
        return ret, xml_content 
Example #10
Source File: auth.py    From wechat-analyse with MIT License 6 votes vote down vote up
def app_sign(self, expired=0):
        if not self._secret_id or not self._secret_key:
            return self.AUTH_SECRET_ID_KEY_ERROR

        puserid = ''
        if self._userid != '':
            if len(self._userid) > 64:
                return self.AUTH_URL_FORMAT_ERROR
            puserid = self._userid
 
        now = int(time.time())
        rdm = random.randint(0, 999999999)
        plain_text = 'a=' + self._appid + '&k=' + self._secret_id + '&e=' + str(expired) + '&t=' + str(now) + '&r=' + str(rdm) + '&u=' + puserid + '&f=' 
        bin = hmac.new(self._secret_key.encode(), plain_text.encode(), hashlib.sha1)
        s = bin.hexdigest()
        s = binascii.unhexlify(s)
        s = s + plain_text.encode('ascii')
        signature = base64.b64encode(s).rstrip()    #生成签名
        return signature 
Example #11
Source File: helpers.py    From Telethon with MIT License 6 votes vote down vote up
def generate_key_data_from_nonce(server_nonce, new_nonce):
    """Generates the key data corresponding to the given nonce"""
    server_nonce = server_nonce.to_bytes(16, 'little', signed=True)
    new_nonce = new_nonce.to_bytes(32, 'little', signed=True)
    hash1 = sha1(new_nonce + server_nonce).digest()
    hash2 = sha1(server_nonce + new_nonce).digest()
    hash3 = sha1(new_nonce + new_nonce).digest()

    key = hash1 + hash2[:12]
    iv = hash2[12:20] + hash3 + new_nonce[:4]
    return key, iv


# endregion

# region Custom Classes 
Example #12
Source File: authkey.py    From Telethon with MIT License 6 votes vote down vote up
def key(self, value):
        if not value:
            self._key = self.aux_hash = self.key_id = None
            return

        if isinstance(value, type(self)):
            self._key, self.aux_hash, self.key_id = \
                value._key, value.aux_hash, value.key_id
            return

        self._key = value
        with BinaryReader(sha1(self._key).digest()) as reader:
            self.aux_hash = reader.read_long(signed=False)
            reader.read(4)
            self.key_id = reader.read_long(signed=False)

    # TODO This doesn't really fit here, it's only used in authentication 
Example #13
Source File: download.py    From insightface with MIT License 6 votes vote down vote up
def check_sha1(filename, sha1_hash):
    """Check whether the sha1 hash of the file content matches the expected hash.
    Parameters
    ----------
    filename : str
        Path to the file.
    sha1_hash : str
        Expected sha1 hash in hexadecimal digits.
    Returns
    -------
    bool
        Whether the file content matches the expected hash.
    """
    sha1 = hashlib.sha1()
    with open(filename, 'rb') as f:
        while True:
            data = f.read(1048576)
            if not data:
                break
            sha1.update(data)

    sha1_file = sha1.hexdigest()
    l = min(len(sha1_file), len(sha1_hash))
    return sha1.hexdigest()[0:l] == sha1_hash[0:l] 
Example #14
Source File: skype.py    From Radium with Apache License 2.0 6 votes vote down vote up
def get_md5_hash(self, enc_hex, key):
        # convert hash from hex to binary
        enc_binary = binascii.unhexlify(enc_hex)

        # retrieve the salt
        salt = hashlib.sha1('\x00\x00\x00\x00' + key).digest() + hashlib.sha1('\x00\x00\x00\x01' + key).digest()

        # encrypt value used with the XOR operation
        aes_key = self.aes_encrypt(struct.pack('I', 0) * 4, salt[0:32])[0:16]

        # XOR operation
        decrypted = []
        for d in range(16):
            decrypted.append(struct.unpack('B', enc_binary[d])[0] ^ struct.unpack('B', aes_key[d])[0])

        # cast the result byte
        tmp = ''
        for dec in decrypted:
            tmp = tmp + struct.pack(">I", dec).strip('\x00')

        # byte to hex
        return binascii.hexlify(tmp)

    # used for dictionary attack, if user specify a specific file 
Example #15
Source File: auth.py    From tornado-zh with MIT License 6 votes vote down vote up
def _oauth_signature(consumer_token, method, url, parameters={}, token=None):
    """Calculates the HMAC-SHA1 OAuth signature for the given request.

    See http://oauth.net/core/1.0/#signing_process
    """
    parts = urlparse.urlparse(url)
    scheme, netloc, path = parts[:3]
    normalized_url = scheme.lower() + "://" + netloc.lower() + path

    base_elems = []
    base_elems.append(method.upper())
    base_elems.append(normalized_url)
    base_elems.append("&".join("%s=%s" % (k, _oauth_escape(str(v)))
                               for k, v in sorted(parameters.items())))
    base_string = "&".join(_oauth_escape(e) for e in base_elems)

    key_elems = [escape.utf8(consumer_token["secret"])]
    key_elems.append(escape.utf8(token["secret"] if token else ""))
    key = b"&".join(key_elems)

    hash = hmac.new(key, escape.utf8(base_string), hashlib.sha1)
    return binascii.b2a_base64(hash.digest())[:-1] 
Example #16
Source File: auth.py    From tornado-zh with MIT License 6 votes vote down vote up
def _oauth10a_signature(consumer_token, method, url, parameters={}, token=None):
    """Calculates the HMAC-SHA1 OAuth 1.0a signature for the given request.

    See http://oauth.net/core/1.0a/#signing_process
    """
    parts = urlparse.urlparse(url)
    scheme, netloc, path = parts[:3]
    normalized_url = scheme.lower() + "://" + netloc.lower() + path

    base_elems = []
    base_elems.append(method.upper())
    base_elems.append(normalized_url)
    base_elems.append("&".join("%s=%s" % (k, _oauth_escape(str(v)))
                               for k, v in sorted(parameters.items())))

    base_string = "&".join(_oauth_escape(e) for e in base_elems)
    key_elems = [escape.utf8(urllib_parse.quote(consumer_token["secret"], safe='~'))]
    key_elems.append(escape.utf8(urllib_parse.quote(token["secret"], safe='~') if token else ""))
    key = b"&".join(key_elems)

    hash = hmac.new(key, escape.utf8(base_string), hashlib.sha1)
    return binascii.b2a_base64(hash.digest())[:-1] 
Example #17
Source File: trust_list.py    From oscrypto with MIT License 6 votes vote down vote up
def _cert_details(cert_pointer):
    """
    Return the certificate and a hash of it

    :param cert_pointer:
        A SecCertificateRef

    :return:
        A 2-element tuple:
         - [0]: A byte string of the SHA1 hash of the cert
         - [1]: A byte string of the DER-encoded contents of the cert
    """

    data_pointer = None

    try:
        data_pointer = Security.SecCertificateCopyData(cert_pointer)
        der_cert = CFHelpers.cf_data_to_bytes(data_pointer)
        cert_hash = hashlib.sha1(der_cert).digest()

        return (der_cert, cert_hash)

    finally:
        if data_pointer is not None:
            CoreFoundation.CFRelease(data_pointer) 
Example #18
Source File: utils.py    From wechatpy with MIT License 6 votes vote down vote up
def check_wxa_signature(session_key, raw_data, client_signature):
    """校验前端传来的rawData签名正确
    详情请参考
    https://developers.weixin.qq.com/miniprogram/dev/framework/open-ability/signature.html # noqa

    :param session_key: code换取的session_key
    :param raw_data: 前端拿到的rawData
    :param client_signature: 前端拿到的signature
    :raises: InvalidSignatureException
    :return: 返回数据dict
    """
    str2sign = (raw_data + session_key).encode("utf-8")
    signature = hashlib.sha1(str2sign).hexdigest()
    if signature != client_signature:
        from wechatpy.exceptions import InvalidSignatureException

        raise InvalidSignatureException() 
Example #19
Source File: bccache.py    From misp42splunk with GNU Lesser General Public License v3.0 5 votes vote down vote up
def get_source_checksum(self, source):
        """Returns a checksum for the source."""
        return sha1(source.encode('utf-8')).hexdigest() 
Example #20
Source File: Hasher.py    From hacking-tools with MIT License 5 votes vote down vote up
def getHash(self,data,asHex=False):
        sha1 = hashlib.sha1()
        sha1.update(data.encode())
        return sha1.hexdigest() if asHex else sha1.digest() 
Example #21
Source File: ipmisim.py    From ipmisim with Apache License 2.0 5 votes vote down vote up
def _got_rakp1(self, data):
        clienttag = data[0]
        self.Rm = data[8:24]
        self.rolem = data[24]
        self.maxpriv = self.rolem & 0b111
        namepresent = data[27]
        if namepresent == 0:
            self.close_server_session()
            return
        usernamebytes = data[28:]
        self.username = struct.pack('%dB' % len(usernamebytes), *usernamebytes)
        if self.username not in self.authdata:
            self.close_server_session()
            return
        uuidbytes = self.uuid.bytes
        uuidbytes = list(struct.unpack('%dB' % len(uuidbytes), uuidbytes))
        self.uuiddata = uuidbytes
        self.Rc = list(struct.unpack('16B', os.urandom(16)))
        hmacdata = (self.clientsessionid + self.managedsessionid + self.Rm + self.Rc + uuidbytes +
                    [self.rolem, len(self.username)])
        hmacdata = struct.pack('%dB' % len(hmacdata), *hmacdata)
        hmacdata += self.username
        self.kuid = self.authdata[self.username]
        if self.kg is None:
            self.kg = self.kuid
        authcode = hmac.new(self.kuid, hmacdata, hashlib.sha1).digest()
        authcode = list(struct.unpack('%dB' % len(authcode), authcode))
        newmessage = ([clienttag, 0, 0, 0] + self.clientsessionid + self.Rc + uuidbytes + authcode)
        logger.debug('IPMI rakp1 request')
        self.session.send_payload(newmessage, constants.payload_types['rakp2'], retry=False) 
Example #22
Source File: mmbot.py    From MaliciousMacroBot with MIT License 5 votes vote down vote up
def get_file_hash(self, pathtofile):
        """
        Computes the MD5 hash of the file
        :param pathtofile: absolute or relative path to a file
        :return: md5 hash of file as a string
        """
        if os.path.isfile(pathtofile):
            with open(pathtofile, 'rb') as file_to_hash:
                filedata = file_to_hash.read()
                md5 = hashlib.md5(filedata).hexdigest()
                # sha1 = hashlib.sha1(filedata).hexdigest()
                # sha256 = hashlib.sha256(filedata).hexdigest()
                return md5
        return None 
Example #23
Source File: services.py    From shhh with MIT License 5 votes vote down vote up
def pwned_password(passphrase: str) -> Union[int, bool]:
    """Check passphrase with Troy's Hunt haveibeenpwned API.

    Query the API to check if the passphrase has already been pwned in the
    past. If it has, returns the number of times it has been pwned, else
    returns False.

    Notes:
        (source haveibeenpwned.com)

        (...) implements a k-Anonymity model that allows a password to be
        searched for by partial hash. This allows the first 5 characters of a
        SHA-1 password hash (not case-sensitive) to be passed to the API.

        When a password hash with the same first 5 characters is found in the
        Pwned Passwords repository, the API will respond with an HTTP 200 and
        include the suffix of every hash beginning with the specified prefix,
        followed by a count of how many times it appears in the data set. The
        API consumer can then search the results of the response for the
        presence of their source hash.

    """
    # See nosec exclusion explanation in function docstring, we are cropping
    # the hash to use a k-Anonymity model to retrieve the pwned passwords.
    hasher = hashlib.sha1()  # nosec
    hasher.update(passphrase.encode("utf-8"))
    digest = hasher.hexdigest().upper()

    endpoint = "https://api.pwnedpasswords.com/range"
    r = requests.get(f"{endpoint}/{digest[:5]}", timeout=5)
    r.raise_for_status()

    for line in r.text.split('\n'):
        info = line.split(':')
        if info[0] == digest[5:]:
            return int(info[1])

    # Password hasn't been pwned.
    return False 
Example #24
Source File: api_client.py    From fishroom with GNU General Public License v3.0 5 votes vote down vote up
def auth(self, token_id, token_key):
        saved = self.r.hget(self.clients_key, token_id)
        if not saved:
            return False

        m = hashlib.sha1()
        m.update(token_key.encode('utf-8'))
        return m.digest() == saved 
Example #25
Source File: textstore.py    From fishroom with GNU General Public License v3.0 5 votes vote down vote up
def new_paste(self, text, sender, **kwargs):
        now = get_now().strftime("%Y-%m-%d %H:%M:%S")
        s = hashlib.sha1()
        s.update((text+sender+now).encode("utf-8"))
        _id = s.hexdigest()[:16]
        key = self.KEY_TMPL.format(id=_id)
        value = json.dumps({
            "title": "Text from {}".format(sender),
            "time": now,
            "content": text,
        })
        self.r.set(key, value)
        return self.URL_TMPL.format(id=_id) 
Example #26
Source File: authkey.py    From Telethon with MIT License 5 votes vote down vote up
def calc_new_nonce_hash(self, new_nonce, number):
        """
        Calculates the new nonce hash based on the current attributes.

        :param new_nonce: the new nonce to be hashed.
        :param number: number to prepend before the hash.
        :return: the hash for the given new nonce.
        """
        new_nonce = new_nonce.to_bytes(32, 'little', signed=True)
        data = new_nonce + struct.pack('<BQ', number, self.aux_hash)

        # Calculates the message key from the given data
        return int.from_bytes(sha1(data).digest()[4:20], 'little', signed=True) 
Example #27
Source File: __init__.py    From stoq with Apache License 2.0 5 votes vote down vote up
def get_sha1(content: bytes) -> str:
    """
    Return SHA1 hash of bytes

    """
    return hashlib.sha1(content).hexdigest() 
Example #28
Source File: Mozilla.py    From Radium with Apache License 2.0 5 votes vote down vote up
def decrypt3DES(self, globalSalt, masterPassword, entrySalt, encryptedData):
        hp = sha1(globalSalt + masterPassword).digest()
        pes = entrySalt + '\x00' * (20 - len(entrySalt))
        chp = sha1(hp + entrySalt).digest()
        k1 = hmac.new(chp, pes + entrySalt, sha1).digest()
        tk = hmac.new(chp, pes, sha1).digest()
        k2 = hmac.new(chp, tk + entrySalt, sha1).digest()
        k = k1 + k2
        iv = k[-8:]
        key = k[:24]

        return DES3.new(key, DES3.MODE_CBC, iv).decrypt(encryptedData) 
Example #29
Source File: bccache.py    From misp42splunk with GNU Lesser General Public License v3.0 5 votes vote down vote up
def get_cache_key(self, name, filename=None):
        """Returns the unique hash key for this template name."""
        hash = sha1(name.encode('utf-8'))
        if filename is not None:
            filename = '|' + filename
            if isinstance(filename, text_type):
                filename = filename.encode('utf-8')
            hash.update(filename)
        return hash.hexdigest() 
Example #30
Source File: request.py    From verge3d-blender-addon with GNU General Public License v3.0 5 votes vote down vote up
def get_algorithm_impls(self, algorithm):
        # lambdas assume digest modules are imported at the top level
        if algorithm == 'MD5':
            H = lambda x: hashlib.md5(x.encode("ascii")).hexdigest()
        elif algorithm == 'SHA':
            H = lambda x: hashlib.sha1(x.encode("ascii")).hexdigest()
        # XXX MD5-sess
        KD = lambda s, d: H("%s:%s" % (s, d))
        return H, KD