diff options
Diffstat (limited to 'set4/webapp.py')
| -rw-r--r-- | set4/webapp.py | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/set4/webapp.py b/set4/webapp.py new file mode 100644 index 0000000..4437744 --- /dev/null +++ b/set4/webapp.py @@ -0,0 +1,46 @@ +#!/bin/python2 + +import web +from time import sleep +import hashlib +import hmac + +urls = ( + '/', 'index' +) + +class crypto: + def __init__(self): + self.key = "bummbamm" + + def insecure_compare(self, hmac_arg, filename, key): + print hmac_arg + print filename + com_hmac = hmac.new(key, filename, hashlib.sha1).digest() + + com_hmac = com_hmac.encode("hex") + print com_hmac + + for i in range(len(hmac_arg)): + if hmac_arg[i] == com_hmac[i]: + sleep(0.05) + else: + break + + return 200 + + +class index(): + def GET(self): + cry = crypto() + print cry.key + f = web.input() + back = f["file"] + " : " + f["signature"] + cry.insecure_compare(f["signature"], f["file"], cry.key) + print f + return back + +if __name__ == "__main__": + app = web.application(urls, globals()) + app.run() + |