If all you want is a simple dictionary, I would recommend using the marshal module rather than pickle. Marshal only allows basic Python types, rather than arbitrary data, and is generally considered to be safer.

On 4 December 2012 03:59, Mikko Ohtamaa <[email protected]> wrote:

> On Tue, Dec 4, 2012 at 1:26 AM, Sean Upton <[email protected]> wrote:
>
>> For one of my add-ons, I need to sign trusted pickle data, and want:
>
> In related news, I had a similar use case for encrypted in Archetypes
> field:
>
> https://github.com/miohtama/archetypes.encryptedfield
>
>> (1) to use HMAC-SHA256 to sign a message.
>>
>> (2) want an easy -- as in "I do not want to think about managing my
>> own secret" easy -- way to use a per-site secret key.
>>
>> Is using the system secret from plone.keyring suitable here? Something
>> like:
>>
>> ## assume from this example that the local component site is set via
>> ## zope.component.hooks.setSite to a Plone site:
>>
>> # sign a pickle:
>>
>> >>> import hashlib
>> >>> import hmac
>> >>> import base64
>> >>> import pickle
>> >>> from plone.keyring.interfaces import IKeyManager
>> >>> from zope.component import queryUtility
>> >>> from zope.component.hooks import setSite
>> >>> rawdata = {'this': 'Arbitrary data woohoo!'}
>> >>> data = pickle.dumps(rawdata)
>> >>> secret = queryUtility(IKeyManager).secret()
>> >>> signature = hmac.new(secret, data, digestmod=hashlib.sha256).hexdigest()
>> >>> payload = base64.b64encode(signature + data)
>>
>> # read a pickle, assume identifier 'payload' has been read as a base64 encoded
>> # string containing signature plus pickle data stream:
>>
>> >>> input = base64.b64decode(payload)
>> >>> signature, msg = input[:64], input[64:]
>> >>> result = None
>> >>> if signature == hmac.new(secret, msg, digestmod=hashlib.sha256).hexdigest():
>> ...     result = pickle.loads(msg)  # signed, ergo trusted
>> ...
>> >>>
>>
>> My use case is something like session data (for lightweight form
>> wizard), but with a tiny dict of values that can easily fit after
>> serialization and signing into a <4KB cookie set by a browser view.
>> Given the small size of the dataset, I want to avoid using sessions
>> for unnecessary deployment complexity.
>>
>> Are there any drawbacks to using the system keyring secret for signing
>> (and trusting) data like this that I should be aware of?
>>
>> Sean
>> _______________________________________________
>> Product-Developers mailing list
>> [email protected]
>> https://lists.plone.org/mailman/listinfo/plone-product-developers
>>
>> --
>> Mikko Ohtamaa
>> http://opensourcehacker.com
>> http://twitter.com/moo9000
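
The sign-then-verify flow from the quoted question, as an added Python 3 example that is not code from the thread or from Plone: it compares raw HMAC-SHA256 tags in constant time and deserializes only after the tag verifies. Assumptions: the per-site secret is passed in as bytes (the demo value is constructed), the function names are hypothetical, and json stands in for the pickle and marshal serializers discussed above.

```python
import base64
import binascii
import hashlib
import hmac
import json

DIGEST_SIZE = hashlib.sha256().digest_size  # 32 raw bytes, not 64 hex chars
MAX_COOKIE_BYTES = 4096  # the "<4KB cookie" budget mentioned in the thread


def sign_payload(secret, values):
    """Serialize a small dict and prepend an HMAC-SHA256 tag (hypothetical helper)."""
    data = json.dumps(values, sort_keys=True, separators=(",", ":")).encode("utf-8")
    tag = hmac.new(secret, data, hashlib.sha256).digest()
    payload = base64.urlsafe_b64encode(tag + data)
    if len(payload) > MAX_COOKIE_BYTES:
        raise ValueError("signed payload does not fit in a cookie")
    return payload


def load_payload(secret, payload):
    """Return the dict if the tag verifies, otherwise None (hypothetical helper)."""
    try:
        raw = base64.urlsafe_b64decode(payload)
    except (binascii.Error, ValueError):
        return None  # not valid base64
    if len(raw) <= DIGEST_SIZE:
        return None  # too short to hold a tag plus data
    tag, data = raw[:DIGEST_SIZE], raw[DIGEST_SIZE:]
    expected = hmac.new(secret, data, hashlib.sha256).digest()
    # Constant-time comparison; nothing is deserialized before this check passes.
    if not hmac.compare_digest(tag, expected):
        return None
    return json.loads(data.decode("utf-8"))


if __name__ == "__main__":
    secret = b"constructed-demo-secret"  # stand-in for the per-site keyring secret
    cookie = sign_payload(secret, {"step": 2, "email": "user@example.org"})
    print(load_payload(secret, cookie))
    print(load_payload(b"some-other-secret", cookie))
```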
