diff options
author | Brant Knudson <bknudson@us.ibm.com> | 2014-04-08 19:50:09 -0500 |
---|---|---|
committer | Brant Knudson <bknudson@us.ibm.com> | 2014-04-09 13:54:30 -0500 |
commit | 82359492dc14e679d48e6801da304027e508533c (patch) | |
tree | 8b98f65c7bdb7f56a4229de4fa9e93215c8c36e9 /keystoneclient/common | |
parent | 61322a3feeb943e5341fc25c6df957aec59463be (diff) | |
download | python-keystoneclient-82359492dc14e679d48e6801da304027e508533c.tar.gz |
Hash functions support different hash algorithms
The token hash functions always used MD5. With this change, the
hash function can be passed in to the hash functions.
SecurityImpact
Related-Bug: #1174499
Change-Id: Ia08c2d6252bb034087a244b47d5bcbea7dcfa70b
Diffstat (limited to 'keystoneclient/common')
-rw-r--r-- | keystoneclient/common/cms.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/keystoneclient/common/cms.py b/keystoneclient/common/cms.py index a56fe27..8f6576f 100644 --- a/keystoneclient/common/cms.py +++ b/keystoneclient/common/cms.py @@ -261,7 +261,7 @@ def cms_to_token(cms_text): return signed_text -def cms_hash_token(token_id): +def cms_hash_token(token_id, mode='md5'): """Hash PKI tokens. return: for ans1_token, returns the hash of the passed in token @@ -270,7 +270,7 @@ def cms_hash_token(token_id): if token_id is None: return None if is_ans1_token(token_id): - hasher = hashlib.md5() + hasher = hashlib.new(mode) if isinstance(token_id, six.text_type): token_id = token_id.encode('utf-8') hasher.update(token_id) |