import simplejson
import re
-import hmac
from ganeti import errors
-
-try:
- from hashlib import sha1
-except ImportError:
- import sha as sha1
+from ganeti import utils
_JSON_INDENT = 2
signed_dict = {
'msg': txt,
'salt': salt,
- }
+ }
+
if key_selector:
signed_dict["key_selector"] = key_selector
- message = salt + key_selector + txt
else:
- message = salt + txt
- signed_dict["hmac"] = hmac.new(key, message,
- sha1).hexdigest()
+ key_selector = ""
+
+ signed_dict["hmac"] = utils.Sha1Hmac(key, txt, salt=salt + key_selector)
return DumpJson(signed_dict, indent=False)
raise errors.SignatureError('Invalid external message')
if callable(key):
+ # pylint: disable-msg=E1103
key_selector = signed_dict.get("key_selector", None)
hmac_key = key(key_selector)
if not hmac_key:
key_selector = ""
hmac_key = key
- if hmac.new(hmac_key, salt + key_selector + msg,
- sha1).hexdigest() != hmac_sign:
+ if not utils.VerifySha1Hmac(hmac_key, msg, hmac_sign,
+ salt=salt + key_selector):
raise errors.SignatureError('Invalid Signature')
return LoadJson(msg), salt