Unified Diff: sitescripts/signing.py
Issue 5177883412660224:
Issue 2234 - Add a WSGI controller to collect email addresses for the Adblock Browser iOS launch (Closed)
Patch Set: Renamed files
Created April 23, 2015, 2:48 p.m.
Use n/p to move between diff chunks;
N/P to move between comments.
« .sitescripts.example ('K')
|
« .sitescripts.example ('k')
|
sitescripts/submit_email/__init__.py » ('j')
|
no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
| Index: sitescripts/signing.py |
| =================================================================== |
| new file mode 100644 |
| --- /dev/null |
| +++ b/sitescripts/signing.py |
| @@ -0,0 +1,17 @@ |
| +import hmac |
| +import hashlib |
| + |
| +from sitescripts.utils import get_config |
| + |
| +_SECRET = get_config().get('DEFAULT', 'secret') |
| + |
| +def constant_time_compare(s1, s2): |
| + if len(s1) != len(s2): |
| + return False |
| + return reduce(lambda a, b: a | b, (ord(c1) ^ ord(c2) for c1, c2 in zip(s1, s2))) == 0 |
| + |
| +def sign(data): |
| + return hmac.new(_SECRET, data, hashlib.sha1).hexdigest() |
| + |
| +def verify(data, signature): |
| + return constant_time_compare(sign(data), signature) |
« .sitescripts.example ('K')
|
« .sitescripts.example ('k')
|
sitescripts/submit_email/__init__.py » ('j')
|
no next file with comments »
