mirror of
https://github.com/quantum5/nginx-krbauth.git
synced 2025-04-24 12:32:03 -04:00
Remove direct reference to SHA512 for HMAC verification
This commit is contained in:
Quantum
parent
7d4e26b959
commit
bc7c644664
|
|
@ -73,7 +73,7 @@ def verify_cookie(cookie, context):
|
||||||
return False
|
return False
|
||||||
if not hmac.compare_digest(message[timestamp.size + RANDOM_SIZE:], context.bytes()):
|
if not hmac.compare_digest(message[timestamp.size + RANDOM_SIZE:], context.bytes()):
|
||||||
return False
|
return False
|
||||||
expected = hmac.new(HMAC_KEY, message, hashlib.sha512).digest()
|
expected = hmac.new(HMAC_KEY, message, hmac_digest).digest()
|
||||||
return hmac.compare_digest(expected, signature)
|
return hmac.compare_digest(expected, signature)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue