Hash functions support different hash algorithms

The token hash functions always used MD5. With this change, the hash function can be passed in to the hash functions. SecurityImpact Related-Bug: #1174499 Change-Id: Ia08c2d6252bb034087a244b47d5bcbea7dcfa70b
author: Brant Knudson <bknudson@us.ibm.com> 2014-04-08 19:50:09 -0500
committer: Brant Knudson <bknudson@us.ibm.com> 2014-04-09 13:54:30 -0500
commit: 82359492dc14e679d48e6801da304027e508533c (patch)
tree: 8b98f65c7bdb7f56a4229de4fa9e93215c8c36e9 /keystoneclient/common
parent: 61322a3feeb943e5341fc25c6df957aec59463be (diff)
download: python-keystoneclient-82359492dc14e679d48e6801da304027e508533c.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/keystoneclient/common/cms.py b/keystoneclient/common/cms.py
index a56fe27..8f6576f 100644
--- a/keystoneclient/common/cms.py
+++ b/keystoneclient/common/cms.py
@@ -261,7 +261,7 @@ def cms_to_token(cms_text):
     return signed_text
 
 
-def cms_hash_token(token_id):
+def cms_hash_token(token_id, mode='md5'):
     """Hash PKI tokens.
 
     return: for ans1_token, returns the hash of the passed in token
@@ -270,7 +270,7 @@ def cms_hash_token(token_id):
     if token_id is None:
         return None
     if is_ans1_token(token_id):
-        hasher = hashlib.md5()
+        hasher = hashlib.new(mode)
         if isinstance(token_id, six.text_type):
             token_id = token_id.encode('utf-8')
         hasher.update(token_id)
author	Brant Knudson <bknudson@us.ibm.com>	2014-04-08 19:50:09 -0500
committer	Brant Knudson <bknudson@us.ibm.com>	2014-04-09 13:54:30 -0500
commit	82359492dc14e679d48e6801da304027e508533c (patch)
tree	8b98f65c7bdb7f56a4229de4fa9e93215c8c36e9 /keystoneclient/common
parent	61322a3feeb943e5341fc25c6df957aec59463be (diff)
download	python-keystoneclient-82359492dc14e679d48e6801da304027e508533c.tar.gz