Diffstat (limited to 'src/saml2/ident.py')
-rw-r--r-- | src/saml2/ident.py | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/src/saml2/ident.py b/src/saml2/ident.py
index 49f8a632..c99a3bd4 100644
--- a/src/saml2/ident.py
+++ b/src/saml2/ident.py
@@ -7,7 +7,7 @@ from hashlib import sha256
 from six.moves.urllib.parse import quote
 from six.moves.urllib.parse import unquote
 from saml2 import SAMLError
-from saml2.s_utils import rndstr
+from saml2.s_utils import rndbytes
 from saml2.s_utils import PolicyError
 from saml2.saml import NameID
 from saml2.saml import NAMEID_FORMAT_PERSISTENT
@@ -46,6 +46,16 @@ def code(item):
 return ",".join(_res)
+def code_binary(item):
+ """
+ Return a binary 'code' suitable for hashing.
+ """
+ code_str = code(item)
+ if isinstance(code_str, six.string_types):
+ return code_str.encode('utf-8')
+ return code_str
+
+
 def decode(txt):
 """Turns a coded string by code() into a NameID class instance.
@@ -75,11 +85,17 @@ class IdentDB(object):
 self.name_qualifier = name_qualifier
 def _create_id(self, nformat, name_qualifier="", sp_name_qualifier=""):
- _id = sha256(rndstr(32))
+ _id = sha256(rndbytes(32))
+ if not isinstance(nformat, six.binary_type):
+ nformat = nformat.encode('utf-8')
 _id.update(nformat)
 if name_qualifier:
+ if not isinstance(name_qualifier, six.binary_type):
+ name_qualifier = name_qualifier.encode('utf-8')
 _id.update(name_qualifier)
 if sp_name_qualifier:
+ if not isinstance(sp_name_qualifier, six.binary_type):
+ sp_name_qualifier = sp_name_qualifier.encode('utf-8')
 _id.update(sp_name_qualifier)
 return _id.hexdigest() |
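Review bot: In `code_binary`, the `isinstance(code_str, six.string_types)` test is also true for a Python 2 byte `str`, so `.encode('utf-8')` would first decode it implicitly as ASCII and raise `UnicodeDecodeError` if `code()` ever returns non-ASCII bytes (whether it can is not visible in this hunk). `_create_id` in the same commit uses the inverse test, and matching it here avoids that path: `if not isinstance(code_str, six.binary_type): code_str = code_str.encode('utf-8')`. The docstring could also state that the result is UTF-8 encoded bytes on both Python 2 and 3, so callers know what they are hashing.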
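Review bot: `_create_id` seeds the digest with `sha256(rndbytes(32))`, so how hard the returned identifier is to guess depends entirely on `rndbytes`, whose implementation is outside this diff. It is worth confirming that it draws from the OS CSPRNG and recording that next to the call, e.g. `# rndbytes must be CSPRNG-backed: the ID is only as unpredictable as this seed`. Separately, the three identical `isinstance(..., six.binary_type)` / `.encode('utf-8')` stanzas could be folded into one small private helper applied to each argument, which keeps the encoding rule in a single place. `IdentDB` starts before and continues past this hunk.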