Switched from pycrypto to pycryptodome.

oidc_example/rp3/rp3.py

@@ -163,6 +163,7 @@ def application(environ, start_response):
             if isinstance(result, Redirect):
                 return result(environ, start_response)
         except OIDCError as err:
+            trace
             return operror(environ, start_response, "%s" % err)
         except Exception as err:
             raise

setup.py

@@ -70,7 +70,7 @@ def run_tests(self):
     },
     install_requires=[
                          "requests",
-                         "pycrypto>=2.6.1",
+                         "pycryptodome",
                          "pyjwkest>=1.0.6",
                          "mako",
                          "beaker",

src/oic/__init__.py

@@ -1,2 +1,2 @@
 __author__ = 'rohe0002'
-__version__ = '0.7.9b0'
+__version__ = '0.8.0'

src/oic/extension/client.py

@@ -3,6 +3,7 @@
 import random
 import string
 from jwkest import b64e
+import six
 from oic.oauth2.exception import Unsupported
 from oic.oauth2.message import AuthorizationRequest
 import requests
@@ -487,7 +488,11 @@ def parse_authz_response(self, query):
 
 
 def make_software_statement(keyjar, iss, **kwargs):
-    params = list(inspect.signature(JWT.__init__).parameters.keys())
+    if six.PY3:
+        params = list(inspect.signature(JWT.__init__).parameters.keys())
+    else:
+        params = inspect.getargspec(JWT.__init__).args
+
     params.remove('self')
 
     args = {}

src/oic/utils/aes.py

@@ -3,8 +3,10 @@
 from Crypto import Random
 from Crypto.Cipher import AES
 from base64 import b64encode, b64decode
+from future.utils import tobytes
 
 from six import indexbytes
+import six
 
 __author__ = 'rolandh'
 
@@ -43,7 +45,7 @@ def build_cipher(key, iv, alg="aes_128_cbc"):
         raise AESError("Wrong Key length")
 
     try:
-        return AES.new(key, POSTFIX_MODE[cmode], iv), iv
+        return AES.new(tobytes(key), POSTFIX_MODE[cmode], tobytes(iv)), iv
     except KeyError:
         raise AESError("Unsupported chaining mode")
 
@@ -70,10 +72,10 @@ def encrypt(key, msg, iv=None, alg="aes_128_cbc", padding="PKCS#7",
     if _block_size:
         plen = _block_size - (len(msg) % _block_size)
         c = chr(plen)
-        msg += c * plen
+        msg += (c * plen)
 
-    cipher, iv = build_cipher(key, iv, alg)
-    cmsg = iv + cipher.encrypt(msg)
+    cipher, iv = build_cipher(tobytes(key), iv, alg)
+    cmsg = iv + cipher.encrypt(tobytes(msg))
     if b64enc:
         return b64encode(cmsg)
     else:

src/oic/utils/rp/__init__.py

@@ -1,6 +1,7 @@
 import copy
 import hashlib
 from future.backports.urllib.parse import urlsplit
+from oic.oic.message import OpenIDSchema
 
 from oic import oic
 
@@ -171,6 +172,11 @@ def callback(self, response, session, format='dict'):
                 self.id_token = {user_id: _id_token}
         else:
             userinfo = {}
+            for attr in OpenIDSchema.c_param:
+                try:
+                    userinfo[attr] = _id_token[attr]
+                except KeyError:
+                    pass
 
         return {'user_id': user_id, 'userinfo': userinfo, 'id_token': _id_token}
 

src/oic/utils/sdb.py

@@ -10,6 +10,7 @@
 import logging
 
 from Crypto.Cipher import AES
+from future.utils import tobytes
 
 from oic.oic import AuthorizationRequest
 from oic.oauth2 import rndstr
@@ -23,15 +24,15 @@
 def lv_pack(*args):
     s = []
     for a in args:
-        s.append('{}:{}'.format(len(a),a))
+        s.append('{}:{}'.format(len(a), a))
     return ''.join(s)
 
 
 def lv_unpack(txt):
     txt = txt.strip()
     res = []
     while txt:
-        l,v = txt.split(':', 1)
+        l, v = txt.split(':', 1)
         res.append(v[:int(l)])
         txt = v[int(l):]
     return res
@@ -67,15 +68,16 @@ def __init__(self, password, mode=AES.MODE_CBC):
     def encrypt(self, text):
         # setting iv because the underlying AES module misbehaves
         # on certain platforms
-        encryptor = AES.new(self.key, self.mode, IV="0" * 16)
+        encryptor = AES.new(self.key, self.mode, IV=b'0' * 16)
 
+        text = tobytes(text)
         if len(text) % 16:
-            text += ' ' * (16 - len(text) % 16)
+            text += b' ' * (16 - len(text) % 16)
 
         return encryptor.encrypt(text)
 
     def decrypt(self, ciphertext):
-        decryptor = AES.new(self.key, self.mode, IV="0" * 16)
+        decryptor = AES.new(self.key, self.mode, IV=b'0' * 16)
         return decryptor.decrypt(ciphertext)
 
 
@@ -165,7 +167,8 @@ def __call__(self, sid='', ttype='', **kwargs):
             rnd = rndstr(32)  # Ultimate length multiple of 16
 
         return base64.b64encode(
-            self.crypt.encrypt(lv_pack(rnd, ttype, sid))).decode("utf-8")
+            self.crypt.encrypt(lv_pack(rnd, ttype, sid).encode())).decode(
+            "utf-8")
 
     def key(self, user="", areq=None):
         """

tests/test_aes.py

@@ -4,7 +4,7 @@
 
 
 def test_encrypt_decrypt():
-    key_ = "1234523451234545"  # 16 byte key
+    key_ = b"1234523451234545"  # 16 byte key
     # Iff padded the message doesn't have to be multiple of 16 in length
     msg_ = "ToBeOrNotTobe W.S."
     iv_ = os.urandom(16)

tests/test_ext_provider.py

@@ -17,7 +17,6 @@
 from oic.oauth2.message import AccessTokenRequest
 from oic.oauth2.message import AccessTokenResponse
 from oic.oauth2.message import TokenErrorResponse
-from oic.utils import sdb
 
 from oic.extension.client import Client
 from oic.extension.provider import Provider

tests/test_http_util.py

@@ -20,7 +20,7 @@ def start_response(status, headers):
 
         resp = Response(message, headers=[response_header])
         result = resp({}, start_response)
-        assert result == [message.encode("utf-8")]
+        assert result == [message.encode('utf8')]
 
 
 @pytest.fixture