return simplejson.loads(txt)
-def DumpSignedJson(data, key, salt=None):
+def DumpSignedJson(data, key, salt=None, key_selector=None):
"""Serialize a given object and authenticate it.
@param data: the data to serialize
@param key: shared hmac key
+ @param key_selector: name/id that identifies the key (in case there are
+ multiple keys in use, e.g. in a multi-cluster environment)
@return: the string representation of data signed by the hmac key
"""
signed_dict = {
'msg': txt,
'salt': salt,
- 'hmac': hmac.new(key, salt + txt, sha1).hexdigest(),
}
+ if key_selector:
+ signed_dict["key_selector"] = key_selector
+ message = salt + key_selector + txt
+ else:
+ message = salt + txt
+ signed_dict["hmac"] = hmac.new(key, message,
+ sha1).hexdigest()
+
return DumpJson(signed_dict, indent=False)
"""Verify that a given message was signed with the given key, and load it.
@param txt: json-encoded hmac-signed message
- @param key: shared hmac key
+ @param key: the shared hmac key or a callable taking one argument (the key
+ selector), which returns the hmac key belonging to the key selector.
+ Typical usage is to pass a reference to the get method of a dict.
@rtype: tuple of original data, string
@return: original data, salt
@raises errors.SignatureError: if the message signature doesn't verify
except KeyError:
raise errors.SignatureError('Invalid external message')
- if hmac.new(key, salt + msg, sha1).hexdigest() != hmac_sign:
+ if callable(key):
+ # pylint: disable-msg=E1103
+ key_selector = signed_dict.get("key_selector", None)
+ hmac_key = key(key_selector)
+ if not hmac_key:
+ raise errors.SignatureError("No key with key selector '%s' found" %
+ key_selector)
+ else:
+ key_selector = ""
+ hmac_key = key
+
+ if hmac.new(hmac_key, salt + key_selector + msg,
+ sha1).hexdigest() != hmac_sign:
raise errors.SignatureError('Invalid Signature')
return LoadJson(msg), salt