diff options
author | Vlastimil Zíma <vlastimil.zima@nic.cz> | 2018-05-11 13:54:14 +0200 |
---|---|---|
committer | Vlastimil Zíma <vlastimil.zima@nic.cz> | 2018-05-17 11:14:44 +0200 |
commit | 6f6b6972036adc5d1937fbb4f63c0b279d630cb7 (patch) | |
tree | 2db5811c68c2485daf12d23338b0d48578c8a86e /openid/association.py | |
parent | ce2705ff6d3583c800f8f5974bed6f1de11f1d3c (diff) | |
download | openid-6f6b6972036adc5d1937fbb4f63c0b279d630cb7.tar.gz |
Use cryptography for signature comparison
Diffstat (limited to 'openid/association.py')
-rw-r--r-- | openid/association.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/openid/association.py b/openid/association.py index de607f4..ca063bd 100644 --- a/openid/association.py +++ b/openid/association.py @@ -28,6 +28,7 @@ from __future__ import unicode_literals import time import six +from cryptography.hazmat.primitives.constant_time import bytes_eq from openid import cryptutil, kvform, oidutil from openid.message import OPENID_NS @@ -513,7 +514,7 @@ class Association(object): if not message_sig: raise ValueError("%s has no sig." % (message,)) calculated_sig = self.getMessageSignature(message) - return cryptutil.const_eq(calculated_sig, message_sig) + return bytes_eq(calculated_sig.encode('utf-8'), message_sig.encode('utf-8')) def _makePairs(self, message): signed = message.getArg(OPENID_NS, 'signed') |