diff options
| author | Jay Mundrawala <jdmundrawala@gmail.com> | 2015-11-10 13:42:39 -0800 |
|---|---|---|
| committer | Jay Mundrawala <jdmundrawala@gmail.com> | 2015-11-10 13:42:39 -0800 |
| commit | d1a46e16129cc7139a773ec146ac31e24548e6b8 (patch) | |
| tree | f527a023e4db1831a83b3122d88f8e6a263aedb2 | |
| parent | da05c14ab9456aa0af803aecb2b606060fbf38e3 (diff) | |
| download | mixlib-authentication-d1a46e16129cc7139a773ec146ac31e24548e6b8.tar.gz | |
Allow passing in the digest type to digester
It was assuming SHA1, we're going to want to be able to pass
in other values
| -rw-r--r-- | lib/mixlib/authentication/digester.rb | 19 | ||||
| -rw-r--r-- | lib/mixlib/authentication/signatureverification.rb | 4 | ||||
| -rw-r--r-- | lib/mixlib/authentication/signedheaderauth.rb | 6 |
3 files changed, 14 insertions, 15 deletions
diff --git a/lib/mixlib/authentication/digester.rb b/lib/mixlib/authentication/digester.rb index 7dc6dd7..071e5a7 100644 --- a/lib/mixlib/authentication/digester.rb +++ b/lib/mixlib/authentication/digester.rb @@ -21,11 +21,10 @@ require 'mixlib/authentication' module Mixlib module Authentication class Digester - class << self - - def hash_file(f) - digester = Digest::SHA1.new + + def hash_file(digest, f) + digester = digest.new buf = "" while f.read(16384, buf) digester.update buf @@ -34,15 +33,15 @@ module Mixlib end # Digests a string, base64's and chomps the end - # + # # ====Parameters - # - def hash_string(str) - ::Base64.encode64(Digest::SHA1.digest(str)).chomp + # + def hash_string(digest, str) + ::Base64.encode64(digest.digest(str)).chomp end - + end - + end end end diff --git a/lib/mixlib/authentication/signatureverification.rb b/lib/mixlib/authentication/signatureverification.rb index e91721e..45e4480 100644 --- a/lib/mixlib/authentication/signatureverification.rb +++ b/lib/mixlib/authentication/signatureverification.rb @@ -205,11 +205,11 @@ module Mixlib # we hash the body. if file_param Mixlib::Authentication::Log.debug "Digesting file_param: '#{file_param.inspect}'" - @hashed_body = digester.hash_file(file_param) + @hashed_body = digester.hash_file(Digest::SHA1, file_param) else body = request.raw_post Mixlib::Authentication::Log.debug "Digesting body: '#{body}'" - @hashed_body = digester.hash_string(body) + @hashed_body = digester.hash_string(Digest::SHA1, body) end end @hashed_body diff --git a/lib/mixlib/authentication/signedheaderauth.rb b/lib/mixlib/authentication/signedheaderauth.rb index 85a31d4..3687603 100644 --- a/lib/mixlib/authentication/signedheaderauth.rb +++ b/lib/mixlib/authentication/signedheaderauth.rb @@ -134,7 +134,7 @@ module Mixlib # TODO: tim 2009-12-28: It'd be nice to just remove this special case, # always sign the entire request body, using the expanded multipart # body in the case of a file being include. - @hashed_body ||= (self.file && self.file.respond_to?(:read)) ? digester.hash_file(self.file) : digester.hash_string(self.body) + @hashed_body ||= (self.file && self.file.respond_to?(:read)) ? digester.hash_file(Digest::SHA1, self.file) : digester.hash_string(Digest::SHA1, self.body) end # Takes HTTP request method & headers and creates a canonical form @@ -149,13 +149,13 @@ module Mixlib end canonical_x_ops_user_id = canonicalize_user_id(user_id, sign_version) - "Method:#{http_method.to_s.upcase}\nHashed Path:#{digester.hash_string(canonical_path)}\nX-Ops-Content-Hash:#{hashed_body}\nX-Ops-Timestamp:#{canonical_time}\nX-Ops-UserId:#{canonical_x_ops_user_id}" + "Method:#{http_method.to_s.upcase}\nHashed Path:#{digester.hash_string(Digest::SHA1, canonical_path)}\nX-Ops-Content-Hash:#{hashed_body}\nX-Ops-Timestamp:#{canonical_time}\nX-Ops-UserId:#{canonical_x_ops_user_id}" end def canonicalize_user_id(user_id, proto_version) case proto_version when "1.1" - digester.hash_string(user_id) + digester.hash_string(Digest::SHA1, user_id) when "1.0" user_id else |