Skip to content
GitLab
Explore
Sign in
Commits on Source (1)
Hash the email address before using it in the DEK generation function
· 416b72ad
Marco De Donno
authored
Sep 03, 2019
416b72ad
Hide whitespace changes
Inline
Side-by-side
module.py
View file @
416b72ad
...
...
@@ -1687,8 +1687,10 @@ def submission_do_new():
data
=
(
username
,
email_hash
,
2
)
donor_user_id
=
config
.
db
.
query_fetchone
(
sql
,
data
)[
"
id
"
]
email
=
pbkdf2
(
email
,
"
icnml_user_DEK
"
).
hash
(
True
)
dek_salt
=
random_data
(
100
)
dek
=
pbkdf2
(
"
{}:{}
"
.
format
(
username
,
email
,
),
dek_salt
,
iterations
=
config
.
DEK_NB_ITERATIONS
,
hash_name
=
"
sha512
"
).
hash
(
True
)
dek_check
=
{
"
value
"
:
"
ok
"
,
"
time
"
:
int
(
time
.
time
()
*
1000
),
...
...
Marco De Donno authored