4 # Copyright (C) 2007, 2008 Google Inc.
6 # This program is free software; you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 2 of the License, or
9 # (at your option) any later version.
11 # This program is distributed in the hope that it will be useful, but
12 # WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 # General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # along with this program; if not, write to the Free Software
18 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21 """Serializer abstraction module
23 This module introduces a simple abstraction over the serialization
24 backend (currently json).
32 from ganeti import errors
35 from hashlib import sha1
42 _RE_EOLSP = re.compile('[ \t]+$', re.MULTILINE)
45 def _GetJsonDumpers(_encoder_class=simplejson.JSONEncoder):
46 """Returns two JSON functions to serialize data.
48 @rtype: (callable, callable)
49 @return: The function to generate a compact form of JSON and another one to
50 generate a more readable, indented form of JSON (if supported)
53 plain_encoder = _encoder_class(sort_keys=True)
55 # Check whether the simplejson module supports indentation
57 indent_encoder = _encoder_class(indent=_JSON_INDENT, sort_keys=True)
59 # Indentation not supported
60 indent_encoder = plain_encoder
62 return (plain_encoder.encode, indent_encoder.encode)
65 (_DumpJson, _DumpJsonIndent) = _GetJsonDumpers()
68 def DumpJson(data, indent=True):
69 """Serialize a given object.
71 @param data: the data to serialize
72 @param indent: whether to indent output (depends on simplejson version)
74 @return: the string representation of data
82 txt = _RE_EOLSP.sub("", fn(data))
83 if not txt.endswith('\n'):
90 """Unserialize data from a string.
92 @param txt: the json-encoded form
94 @return: the original data
97 return simplejson.loads(txt)
100 def DumpSignedJson(data, key, salt=None):
101 """Serialize a given object and authenticate it.
103 @param data: the data to serialize
104 @param key: shared hmac key
105 @return: the string representation of data signed by the hmac key
108 txt = DumpJson(data, indent=False)
114 'hmac': hmac.new(key, salt + txt, sha1).hexdigest(),
116 return DumpJson(signed_dict, indent=False)
119 def LoadSignedJson(txt, key):
120 """Verify that a given message was signed with the given key, and load it.
122 @param txt: json-encoded hmac-signed message
123 @param key: shared hmac key
124 @rtype: tuple of original data, string
125 @return: original data, salt
126 @raises errors.SignatureError: if the message signature doesn't verify
129 signed_dict = LoadJson(txt)
130 if not isinstance(signed_dict, dict):
131 raise errors.SignatureError('Invalid external message')
133 msg = signed_dict['msg']
134 salt = signed_dict['salt']
135 hmac_sign = signed_dict['hmac']
137 raise errors.SignatureError('Invalid external message')
139 if hmac.new(key, salt + msg, sha1).hexdigest() != hmac_sign:
140 raise errors.SignatureError('Invalid Signature')
142 return LoadJson(msg), salt
147 DumpSigned = DumpSignedJson
148 LoadSigned = LoadSignedJson