blob: 443774461563aba8dd32b7ea656efd9d50d32dfd (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
#!/bin/python2
import web
from time import sleep
import hashlib
import hmac
urls = (
'/', 'index'
)
class crypto:
def __init__(self):
self.key = "bummbamm"
def insecure_compare(self, hmac_arg, filename, key):
print hmac_arg
print filename
com_hmac = hmac.new(key, filename, hashlib.sha1).digest()
com_hmac = com_hmac.encode("hex")
print com_hmac
for i in range(len(hmac_arg)):
if hmac_arg[i] == com_hmac[i]:
sleep(0.05)
else:
break
return 200
class index():
def GET(self):
cry = crypto()
print cry.key
f = web.input()
back = f["file"] + " : " + f["signature"]
cry.insecure_compare(f["signature"], f["file"], cry.key)
print f
return back
if __name__ == "__main__":
app = web.application(urls, globals())
app.run()
|
