test cases to reproduce #1246

1 files changed, 13 insertions, 1 deletions

diff --git a/pyramid/tests/test_session.py b/pyramid/tests/test_session.py
index 1ad0729b3..6bce764ca 100644
--- a/pyramid/tests/test_session.py
+++ b/pyramid/tests/test_session.py
@@ -519,7 +519,7 @@ def serialize(data, secret):
     from pyramid.compat import native_
     from pyramid.compat import pickle
     pickled = pickle.dumps(data, pickle.HIGHEST_PROTOCOL)
-    sig = hmac.new(bytes_(secret), pickled, sha1).hexdigest()
+    sig = hmac.new(bytes_(secret, 'utf-8'), pickled, sha1).hexdigest()
     return sig + native_(base64.b64encode(pickled))
 
 class Test_signed_serialize(unittest.TestCase):
@@ -531,6 +531,12 @@ class Test_signed_serialize(unittest.TestCase):
         expected = serialize('123', 'secret')
         result = self._callFUT('123', 'secret')
         self.assertEqual(result, expected)
+
+    def test_it_with_highorder_secret(self):
+        secret = b'La Pe\xc3\xb1a'.decode('utf-8')
+        expected = serialize('123', secret)
+        result = self._callFUT('123', secret)
+        self.assertEqual(result, expected)
         
 class Test_signed_deserialize(unittest.TestCase):
     def _callFUT(self, serialized, secret, hmac=None):
@@ -562,6 +568,12 @@ class Test_signed_deserialize(unittest.TestCase):
         serialized = 'bad' + serialize('123', 'secret')
         self.assertRaises(ValueError, self._callFUT, serialized, 'secret')
 
+    def test_it_with_highorder_secret(self):
+        secret = b'La Pe\xc3\xb1a'.decode('utf-8')
+        serialized = serialize('123', secret)
+        result = self._callFUT(serialized, secret)
+        self.assertEqual(result, '123')
+
 class Test_check_csrf_token(unittest.TestCase):
     def _callFUT(self, *args, **kwargs):
         from ..session import check_csrf_token