Hash algorithm from example docs raises error #319

Open
stocktons opened this issue Nov 22, 2023 · 2 comments

The example given in the docs/settings.md uses a hashlib algorithm:

```python
REST_KNOX = {
  'SECURE_HASH_ALGORITHM': 'hashlib.sha512',
...
```

This leads to an error, however, when the login route hits the hash_token function in crypto.py:

```python
def hash_token(token):
    '''
    Calculates the hash of a token.
    input is unhexlified

    token must contain an even number of hex digits or a binascii.Error
    exception will be raised
    '''

    digest = hashes.Hash(sha(), backend=default_backend())
    digest.update(binascii.unhexlify(token))
    return binascii.hexlify(digest.finalize()).decode()
```

specifically when calling hashes.Hash.

My fix was to change settings.py to leverage the hashes being imported into crypto.py: cryptography.hazmat.primitives like so:

```python
  'SECURE_HASH_ALGORITHM': 'cryptography.hazmat.primitives.hashes.SHA3_512',
```

Is this something that needs to be updated or am I missing something in how to correctly use the suggested code?

Full error:

```
Internal Server Error: /login/
Traceback (most recent call last):
  File "/Users/sarah/Projects/django-rest-tutorial/venv/lib/python3.11/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
               ^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sarah/Projects/django-rest-tutorial/venv/lib/python3.11/site-packages/django/core/handlers/base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sarah/Projects/django-rest-tutorial/venv/lib/python3.11/site-packages/django/views/decorators/csrf.py", line 56, in wrapper_view
    return view_func(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sarah/Projects/django-rest-tutorial/venv/lib/python3.11/site-packages/django/views/generic/base.py", line 104, in view
    return self.dispatch(request, *args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sarah/Projects/django-rest-tutorial/venv/lib/python3.11/site-packages/rest_framework/views.py", line 509, in dispatch
    response = self.handle_exception(exc)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sarah/Projects/django-rest-tutorial/venv/lib/python3.11/site-packages/rest_framework/views.py", line 469, in handle_exception
    self.raise_uncaught_exception(exc)
  File "/Users/sarah/Projects/django-rest-tutorial/venv/lib/python3.11/site-packages/rest_framework/views.py", line 480, in raise_uncaught_exception
    raise exc
  File "/Users/sarah/Projects/django-rest-tutorial/venv/lib/python3.11/site-packages/rest_framework/views.py", line 506, in dispatch
    response = handler(request, *args, **kwargs)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sarah/Projects/django-rest-tutorial/tutorial/tutorial/views.py", line 34, in post
    return super(LoginView, self).post(request, format=None)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sarah/Projects/django-rest-tutorial/venv/lib/python3.11/site-packages/knox/views.py", line 63, in post
    instance, token = AuthToken.objects.create(request.user, token_ttl)
                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sarah/Projects/django-rest-tutorial/venv/lib/python3.11/site-packages/knox/models.py", line 14, in create
    digest = crypto.hash_token(token)
             ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sarah/Projects/django-rest-tutorial/venv/lib/python3.11/site-packages/knox/crypto.py", line 26, in hash_token
    digest = hashes.Hash(sha(), backend=default_backend())
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: Expected instance of hashes.HashAlgorithm.
```

zankoAn commented Dec 22, 2023

@stocktons There are upcoming changes in Knox, not yet on PyPI. Previously, it used the cryptography package, but the new update employs hashlib. The 'hashlib.sha512' suggestion in 'docs/settings.md' is for these new changes. Your edit using 'cryptography.hazmat.primitives.hashes.SHA512' is accurate, since the update isn't released yet and is just on GitHub (you can also install the GitHub version).

Related Commit: 78fe0c6

@stocktons

Thanks for the clarification!
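An added example, not part of the thread and not Knox's own code: a startup check that classifies a `SECURE_HASH_ALGORITHM` value as a hashlib constructor or a cryptography algorithm class, so a docs/version mismatch like the one above fails when settings load rather than on the first login. It also shows that SHA-512 and SHA3-512 give different digests for the same token, so digests stored under one setting will not match digests computed under the other. The names `hash_api_of`, `require_api`, `hash_token_hashlib` and the sample token are assumptions made for this example.

```python
import binascii
import importlib


def load_dotted(path):
    """Resolve a dotted path such as 'hashlib.sha512' to the object it names."""
    module_name, _, attr = path.rpartition(".")
    return getattr(importlib.import_module(module_name), attr)


def hash_api_of(path):
    """Classify a SECURE_HASH_ALGORITHM value by what calling it returns."""
    instance = load_dotted(path)()
    if hasattr(instance, "update") and hasattr(instance, "hexdigest"):
        return "hashlib"        # a hash object you feed data to directly
    if hasattr(instance, "digest_size") and hasattr(instance, "name"):
        return "cryptography"   # an algorithm descriptor for hashes.Hash(...)
    raise ValueError(f"{path!r} does not name a hash algorithm")


def require_api(path, expected):
    """Fail at startup, not on the first login, when setting and code disagree."""
    found = hash_api_of(path)
    if found != expected:
        raise TypeError(f"{path!r} is a {found} algorithm; "
                        f"this code path needs a {expected} one")
    return path


def hash_token_hashlib(token, path):
    """Hypothetical hashlib counterpart of the hash_token quoted in the issue."""
    digest = load_dotted(require_api(path, "hashlib"))()
    digest.update(binascii.unhexlify(token))
    return digest.hexdigest()


# Constructed sample token (hex), not a real credential.
SAMPLE_TOKEN = "0123456789abcdef" * 4

if __name__ == "__main__":
    a = hash_token_hashlib(SAMPLE_TOKEN, "hashlib.sha512")
    b = hash_token_hashlib(SAMPLE_TOKEN, "hashlib.sha3_512")
    # Same length, different value: digests stored under one algorithm
    # will not match digests computed under the other.
    print(len(a), len(b), a == b)
```

With the cryptography package installed, `hash_api_of('cryptography.hazmat.primitives.hashes.SHA512')` returns `'cryptography'`, which is the form the `hashes.Hash(sha(), ...)` call in the traceback expects.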
