将 python 脚本 TBA SHA1 更改为 SHA256
Changing python script TBA SHA1 to SHA256
我最近被聘为初级开发人员,这是我在一家使用 NetSuite 的大公司的第一份工作。一位老开发人员写了一个 python 脚本来处理设计师制作的图片,当图片上传到特定文件夹时,它会将图片上传到 NetSuite。
由于脚本使用 SHA1,我需要将 TBA 更改为 SHA256,因为 NetSuite 不再支持 SHA1。
我很难理解旧开发人员的代码,并找到有关如何将 TBA 从 SHA1 更改为 SHA256 的文档..
这些是代码片段。
import datetime
import requests
import os
import oauth2 as oauth
import json
import time
import base64
import sys
import hashlib
import hmac
url = "https://xxxxx=1"
token = oauth.Token(key="xxxxxxxxxxx",secret="xxxxxxxxxx")
consumer = oauth.Consumer(key="xxxxxxxxxxxxxxxx",secret="xxxxxxxxxxxxxxxx")
realm="xxxxxxxxxxxxxx"
signature_method = oauth.SignatureMethod_HMAC_SHA1()
在这部分我了解到他初始化方法oauth.SignatureMethod_HMAC_SHA1()。
然后当我转到 oauth 文件时,我找到了这个
class SignatureMethod_HMAC_SHA1(SignatureMethod):
name = 'HMAC-SHA1'
def signing_base(self, request, consumer, token):
if (not hasattr(request, 'normalized_url') or request.normalized_url is None):
raise ValueError("Base URL for request is not set.")
sig = (
escape(request.method),
escape(request.normalized_url),
escape(request.get_normalized_parameters()),
)
key = '%s&' % escape(consumer.secret)
if token:
key += escape(token.secret)
raw = '&'.join(sig)
return key.encode('ascii'), raw.encode('ascii')
def sign(self, request, consumer, token):
"""Builds the base signature string."""
key, raw = self.signing_base(request, consumer, token)
hashed = hmac.new(key, raw, sha1)
# Calculate the digest base 64.
return binascii.b2a_base64(hashed.digest())[:-1]
我查看了这个文件,它不包含任何包含 SHA256 的方法。只有 SHA1 和 PLAINTEXT。
我试图将值更改为 SHA256,但这当然不起作用。
我试图查找有关 oAuth2 的文档,但我只找到了非常少量的信息,而且它似乎只包含 SHA1 和 PLAINTEXT..
那么如何更改脚本以使用 SHA256 而不是 SHA1?
编辑以回复评论
Hashlib 包含这个:
class _Hash(object):
digest_size: int
block_size: int
# [Python documentation note] Changed in version 3.4: The name attribute has
# been present in CPython since its inception, but until Python 3.4 was not
# formally specified, so may not exist on some platforms
name: str
def __init__(self, data: _DataType = ...) -> None: ...
def copy(self) -> _Hash: ...
def digest(self) -> bytes: ...
def hexdigest(self) -> str: ...
def update(self, arg: _DataType) -> None: ...
def md5(arg: _DataType = ...) -> _Hash: ...
def sha1(arg: _DataType = ...) -> _Hash: ...
def sha224(arg: _DataType = ...) -> _Hash: ...
def sha256(arg: _DataType = ...) -> _Hash: ...
def sha384(arg: _DataType = ...) -> _Hash: ...
def sha512(arg: _DataType = ...) -> _Hash: ...
def new(name: str, data: _DataType = ...) -> _Hash: ...
algorithms_guaranteed: AbstractSet[str]
algorithms_available: AbstractSet[str]
def pbkdf2_hmac(hash_name: str, password: _DataType, salt: _DataType, iterations: int, dklen: Optional[int] = ...) -> bytes: ...
if sys.version_info >= (3, 6):
class _VarLenHash(object):
digest_size: int
block_size: int
name: str
def __init__(self, data: _DataType = ...) -> None: ...
def copy(self) -> _VarLenHash: ...
def digest(self, length: int) -> bytes: ...
def hexdigest(self, length: int) -> str: ...
def update(self, arg: _DataType) -> None: ...
sha3_224 = _Hash
sha3_256 = _Hash
sha3_384 = _Hash
sha3_512 = _Hash
shake_128 = _VarLenHash
shake_256 = _VarLenHash
def scrypt(password: _DataType, *, salt: _DataType, n: int, r: int, p: int, maxmem: int = ..., dklen: int = ...) -> bytes: ...
class _BlakeHash(_Hash):
MAX_DIGEST_SIZE: int
MAX_KEY_SIZE: int
PERSON_SIZE: int
SALT_SIZE: int
def __init__(self, data: _DataType = ..., digest_size: int = ..., key: _DataType = ..., salt: _DataType = ..., person: _DataType = ..., fanout: int = ..., depth: int = ..., leaf_size: int = ..., node_offset: int = ..., node_depth: int = ..., inner_size: int = ..., last_node: bool = ...) -> None: ...
blake2b = _BlakeHash
blake2s = _BlakeHash
Haslib文件中已经有sha256()函数,
所以你可以尝试在 oauth 文件中添加一个新的 class SignatureMethod_HMAC_SHA256 ,它类似于 SHA1.
只需像这样更改 hmac.new() 函数的参数:
hashed = hmac.new(key, raw, sha256)
整个 class 可以是这样的:
class SignatureMethod_HMAC_SHA256(SignatureMethod):
name = 'HMAC-SHA256'
def signing_base(self, request, consumer, token):
if (not hasattr(request, 'normalized_url') or request.normalized_url is None):
raise ValueError("Base URL for request is not set.")
sig = (
escape(request.method),
escape(request.normalized_url),
escape(request.get_normalized_parameters()),
)
key = '%s&' % escape(consumer.secret)
if token:
key += escape(token.secret)
raw = '&'.join(sig)
return key.encode('ascii'), raw.encode('ascii')
def sign(self, request, consumer, token):
"""Builds the base signature string."""
key, raw = self.signing_base(request, consumer, token)
hashed = hmac.new(key, raw, sha256)
# Calculate the digest base 64.
return binascii.b2a_base64(hashed.digest())[:-1]
然后您可以简单地在脚本中调用新的 SHA256 方法来代替已弃用的 SHA1 方法:
signature_method = oauth.SignatureMethod_HMAC_SHA256()
我最近被聘为初级开发人员,这是我在一家使用 NetSuite 的大公司的第一份工作。一位老开发人员写了一个 python 脚本来处理设计师制作的图片,当图片上传到特定文件夹时,它会将图片上传到 NetSuite。
由于脚本使用 SHA1,我需要将 TBA 更改为 SHA256,因为 NetSuite 不再支持 SHA1。
我很难理解旧开发人员的代码,并找到有关如何将 TBA 从 SHA1 更改为 SHA256 的文档..
这些是代码片段。
import datetime
import requests
import os
import oauth2 as oauth
import json
import time
import base64
import sys
import hashlib
import hmac
url = "https://xxxxx=1"
token = oauth.Token(key="xxxxxxxxxxx",secret="xxxxxxxxxx")
consumer = oauth.Consumer(key="xxxxxxxxxxxxxxxx",secret="xxxxxxxxxxxxxxxx")
realm="xxxxxxxxxxxxxx"
signature_method = oauth.SignatureMethod_HMAC_SHA1()
在这部分我了解到他初始化方法oauth.SignatureMethod_HMAC_SHA1()。
然后当我转到 oauth 文件时,我找到了这个
class SignatureMethod_HMAC_SHA1(SignatureMethod):
name = 'HMAC-SHA1'
def signing_base(self, request, consumer, token):
if (not hasattr(request, 'normalized_url') or request.normalized_url is None):
raise ValueError("Base URL for request is not set.")
sig = (
escape(request.method),
escape(request.normalized_url),
escape(request.get_normalized_parameters()),
)
key = '%s&' % escape(consumer.secret)
if token:
key += escape(token.secret)
raw = '&'.join(sig)
return key.encode('ascii'), raw.encode('ascii')
def sign(self, request, consumer, token):
"""Builds the base signature string."""
key, raw = self.signing_base(request, consumer, token)
hashed = hmac.new(key, raw, sha1)
# Calculate the digest base 64.
return binascii.b2a_base64(hashed.digest())[:-1]
我查看了这个文件,它不包含任何包含 SHA256 的方法。只有 SHA1 和 PLAINTEXT。
我试图将值更改为 SHA256,但这当然不起作用。 我试图查找有关 oAuth2 的文档,但我只找到了非常少量的信息,而且它似乎只包含 SHA1 和 PLAINTEXT..
那么如何更改脚本以使用 SHA256 而不是 SHA1?
编辑以回复评论
Hashlib 包含这个:
class _Hash(object):
digest_size: int
block_size: int
# [Python documentation note] Changed in version 3.4: The name attribute has
# been present in CPython since its inception, but until Python 3.4 was not
# formally specified, so may not exist on some platforms
name: str
def __init__(self, data: _DataType = ...) -> None: ...
def copy(self) -> _Hash: ...
def digest(self) -> bytes: ...
def hexdigest(self) -> str: ...
def update(self, arg: _DataType) -> None: ...
def md5(arg: _DataType = ...) -> _Hash: ...
def sha1(arg: _DataType = ...) -> _Hash: ...
def sha224(arg: _DataType = ...) -> _Hash: ...
def sha256(arg: _DataType = ...) -> _Hash: ...
def sha384(arg: _DataType = ...) -> _Hash: ...
def sha512(arg: _DataType = ...) -> _Hash: ...
def new(name: str, data: _DataType = ...) -> _Hash: ...
algorithms_guaranteed: AbstractSet[str]
algorithms_available: AbstractSet[str]
def pbkdf2_hmac(hash_name: str, password: _DataType, salt: _DataType, iterations: int, dklen: Optional[int] = ...) -> bytes: ...
if sys.version_info >= (3, 6):
class _VarLenHash(object):
digest_size: int
block_size: int
name: str
def __init__(self, data: _DataType = ...) -> None: ...
def copy(self) -> _VarLenHash: ...
def digest(self, length: int) -> bytes: ...
def hexdigest(self, length: int) -> str: ...
def update(self, arg: _DataType) -> None: ...
sha3_224 = _Hash
sha3_256 = _Hash
sha3_384 = _Hash
sha3_512 = _Hash
shake_128 = _VarLenHash
shake_256 = _VarLenHash
def scrypt(password: _DataType, *, salt: _DataType, n: int, r: int, p: int, maxmem: int = ..., dklen: int = ...) -> bytes: ...
class _BlakeHash(_Hash):
MAX_DIGEST_SIZE: int
MAX_KEY_SIZE: int
PERSON_SIZE: int
SALT_SIZE: int
def __init__(self, data: _DataType = ..., digest_size: int = ..., key: _DataType = ..., salt: _DataType = ..., person: _DataType = ..., fanout: int = ..., depth: int = ..., leaf_size: int = ..., node_offset: int = ..., node_depth: int = ..., inner_size: int = ..., last_node: bool = ...) -> None: ...
blake2b = _BlakeHash
blake2s = _BlakeHash
Haslib文件中已经有sha256()函数, 所以你可以尝试在 oauth 文件中添加一个新的 class SignatureMethod_HMAC_SHA256 ,它类似于 SHA1.
只需像这样更改 hmac.new() 函数的参数:
hashed = hmac.new(key, raw, sha256)
整个 class 可以是这样的:
class SignatureMethod_HMAC_SHA256(SignatureMethod):
name = 'HMAC-SHA256'
def signing_base(self, request, consumer, token):
if (not hasattr(request, 'normalized_url') or request.normalized_url is None):
raise ValueError("Base URL for request is not set.")
sig = (
escape(request.method),
escape(request.normalized_url),
escape(request.get_normalized_parameters()),
)
key = '%s&' % escape(consumer.secret)
if token:
key += escape(token.secret)
raw = '&'.join(sig)
return key.encode('ascii'), raw.encode('ascii')
def sign(self, request, consumer, token):
"""Builds the base signature string."""
key, raw = self.signing_base(request, consumer, token)
hashed = hmac.new(key, raw, sha256)
# Calculate the digest base 64.
return binascii.b2a_base64(hashed.digest())[:-1]
然后您可以简单地在脚本中调用新的 SHA256 方法来代替已弃用的 SHA1 方法:
signature_method = oauth.SignatureMethod_HMAC_SHA256()