Preload the string-escape code in noded

[ganeti-local] / lib / serializer.py

diff --git a/lib/serializer.py b/lib/serializer.py
index 314a934..9a5f1ce 100644 (file)
--- a/lib/serializer.py
+++ b/lib/serializer.py
@@ -31,14 +31,9 @@ backend (currently json).
 
 import simplejson
 import re
-import hmac
 
 from ganeti import errors
-
-try:
-  from hashlib import sha1
-except ImportError:
-  import sha as sha1
+from ganeti import utils
 
 
 _JSON_INDENT = 2
@@ -117,14 +112,14 @@ def DumpSignedJson(data, key, salt=None, key_selector=None):
   signed_dict = {
     'msg': txt,
     'salt': salt,
-  }
+    }
+
   if key_selector:
     signed_dict["key_selector"] = key_selector
-    message = salt + key_selector + txt
   else:
-    message = salt + txt
-  signed_dict["hmac"] = hmac.new(key, message,
-                                 sha1).hexdigest()
+    key_selector = ""
+
+  signed_dict["hmac"] = utils.Sha1Hmac(key, txt, salt=salt + key_selector)
 
   return DumpJson(signed_dict, indent=False)
 
@@ -152,6 +147,7 @@ def LoadSignedJson(txt, key):
     raise errors.SignatureError('Invalid external message')
 
   if callable(key):
+    # pylint: disable-msg=E1103
     key_selector = signed_dict.get("key_selector", None)
     hmac_key = key(key_selector)
     if not hmac_key:
@@ -161,8 +157,8 @@ def LoadSignedJson(txt, key):
     key_selector = ""
     hmac_key = key
 
-  if hmac.new(hmac_key, salt + key_selector + msg,
-              sha1).hexdigest() != hmac_sign:
+  if not utils.VerifySha1Hmac(hmac_key, msg, hmac_sign,
+                              salt=salt + key_selector):
     raise errors.SignatureError('Invalid Signature')
 
   return LoadJson(msg), salt