/ - Diff - ganeti-local - Greek Research and Technology Network's projects

       signed_dict = {
         'msg': txt,
         'salt': salt,
+      }
+        }
       if key_selector:
         signed_dict["key_selector"] = key_selector
         message = salt + key_selector + txt
       else:
         message = salt + txt
       signed_dict["hmac"] = utils.Sha1Hmac(key, message)
         key_selector = ""
       signed_dict["hmac"] = utils.Sha1Hmac(key, txt, salt=salt + key_selector)
       return DumpJson(signed_dict, indent=False)
-...
         key_selector = ""
         hmac_key = key
       if not utils.VerifySha1Hmac(hmac_key, salt + key_selector + msg, hmac_sign):
       if not utils.VerifySha1Hmac(hmac_key, msg, hmac_sign,
                                   salt=salt + key_selector):
         raise errors.SignatureError('Invalid Signature')
       return LoadJson(msg), salt

       return ("%s: %s/%s\n\n%s" %
               (constants.X509_CERT_SIGNATURE_HEADER, salt,
                Sha1Hmac(key, salt + cert_pem),
                Sha1Hmac(key, cert_pem, salt=salt),
                cert_pem))
-...
       # Dump again to ensure it's in a sane format
       sane_pem = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
       if not VerifySha1Hmac(key, salt + sane_pem, signature):
       if not VerifySha1Hmac(key, sane_pem, signature, salt=salt):
         raise errors.GenericError("X509 certificate signature is invalid")
       return (cert, salt)
     def Sha1Hmac(key, text):
     def Sha1Hmac(key, text, salt=None):
       """Calculates the HMAC-SHA1 digest of a text.
       HMAC is defined in RFC2104.
-...
       @type text: string
       """
       return hmac.new(key, text, sha1).hexdigest()
       if salt:
         salted_text = salt + text
       else:
         salted_text = text
       return hmac.new(key, salted_text, sha1).hexdigest()
     def VerifySha1Hmac(key, text, digest):
     def VerifySha1Hmac(key, text, digest, salt=None):
       """Verifies the HMAC-SHA1 digest of a text.
       HMAC is defined in RFC2104.
-...
       @return: Whether HMAC-SHA1 digest matches
       """
       return digest.lower() == Sha1Hmac(key, text).lower()
       return digest.lower() == Sha1Hmac(key, text, salt=salt).lower()
     def SafeEncode(text):

         self.assertEqual(utils.Sha1Hmac("3YzMxZWE", longtext),
                          "35901b9a3001a7cdcf8e0e9d7c2e79df2223af54")
       def testSha1HmacSalt(self):
         self.assertEqual(utils.Sha1Hmac("TguMTA2K", "", salt="abc0"),
                          "4999bf342470eadb11dfcd24ca5680cf9fd7cdce")
         self.assertEqual(utils.Sha1Hmac("TguMTA2K", "", salt="abc9"),
                          "17a4adc34d69c0d367d4ffbef96fd41d4df7a6e8")
         self.assertEqual(utils.Sha1Hmac("3YzMxZWE", "Hello World", salt="xyz0"),
                          "7f264f8114c9066afc9bb7636e1786d996d3cc0d")
       def testVerifySha1Hmac(self):
         self.assert_(utils.VerifySha1Hmac("", "", ("fbdb1d1b18aa6c08324b"
                                                    "7d64b71fb76370690e1d")))
-...
         self.assert_(utils.VerifySha1Hmac("3YzMxZWE", "Hello World",
                                           digest.title()))
       def testVerifySha1HmacSalt(self):
         self.assert_(utils.VerifySha1Hmac("TguMTA2K", "",
                                           ("17a4adc34d69c0d367d4"
                                            "ffbef96fd41d4df7a6e8"),
                                           salt="abc9"))
         self.assert_(utils.VerifySha1Hmac("3YzMxZWE", "Hello World",
                                           ("7f264f8114c9066afc9b"
                                            "b7636e1786d996d3cc0d"),
                                           salt="xyz0"))
     if __name__ == '__main__':
       testutils.GanetiTestProgram()

Synnefo » snf-ganeti » ganeti-local

Revision 3718bf6d