Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support HTTP digest authentication algorithm SHA-256 as per RFC-7617 #128192

Open
calvinbui opened this issue Dec 23, 2024 · 2 comments
Open

Support HTTP digest authentication algorithm SHA-256 as per RFC-7617 #128192

calvinbui opened this issue Dec 23, 2024 · 2 comments
Labels
stdlib Python modules in the Lib dir type-feature A feature request or enhancement

Comments

@calvinbui
Copy link

calvinbui commented Dec 23, 2024
edited by bedevere-app bot
Loading

Feature or enhancement

Proposal:

Support SHA-256 digest authentication following RFC7616 - https://datatracker.ietf.org/doc/html/rfc7616

CPython currently supports MD5 and SHA1 only.

Other possible methods include SHA-256-ness, SHA-512-256 and SHA-512-256-sess which hashlib doesn't currently appear to support out of the box.

Has this already been discussed elsewhere?

No response given

Links to previous discussion of this feature:

No response

Linked PRs
@calvinbui calvinbui added the type-feature A feature request or enhancement label Dec 23, 2024
@bedevere-app bedevere-app bot mentioned this issue Dec 23, 2024
Open
@rruuaanng
Copy link
Contributor

I think we only need SHA256. That is say.

from RFC-7616

   This specification defines the following algorithms:

   o  SHA2-256 (mandatory to implement)

   o  SHA2-512/256 (as a backup algorithm)

   o  MD5 (for backward compatibility).

@picnixz picnixz added the stdlib Python modules in the Lib dir label Dec 24, 2024
@picnixz picnixz changed the title Support digest authentication algorithm SHA-256 Support HTTP digest authentication algorithm SHA-256 as per RFC-7617 Dec 24, 2024
@picnixz
Copy link
Contributor

picnixz commented Dec 24, 2024
edited
Loading

We do support SHA-512-256 in hashlib if the underlying OpenSSL library implements it. This is the truncated SHA-2-512. This can be constructed via hashlib.new('SHA512_256') (other names are available, see https://docs.openssl.org/3.3/man7/EVP_MD-SHA2/#identities) (there is no dedicated constructor for this function though).

As for SHA-256-ness and SHA-512-sess are similar to SHA-256/512 and only differ in how A1 is computed (see https://datatracker.ietf.org/doc/html/rfc7616#section-3.4.2).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stdlib Python modules in the Lib dir type-feature A feature request or enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@calvinbui @picnixz @rruuaanng