saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Always sign and verify bytes

Browse source
This commit is contained in:
Daniel A. Wozniak 2018-04-27 16:15:10 -07:00
parent 7810ebaba9
commit 068f2d430d
No known key found for this signature in database
GPG key ID: 166B9D2C06C82D61
2 changed files with 2 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
salt/crypt.py
View file

@ -224,7 +224,7 @@ def sign_message(privkey_path, message, passphrase=None):
log.debug('salt.crypt.sign_message: Signing message.')
if HAS_M2:
md = EVP.MessageDigest('sha1')
md.update(message)
md.update(salt.utils.stringutils.to_bytes(message))
digest = md.final()
return key.sign(digest)
else:
@ -242,7 +242,7 @@ def verify_signature(pubkey_path, message, signature):
log.debug('salt.crypt.verify_signature: Verifying signature')
if HAS_M2:
md = EVP.MessageDigest('sha1')
md.update(message)
md.update(salt.utils.stringutils.to_bytes(message))
digest = md.final()
return pubkey.verify(digest, signature)
else:

2
tests/unit/test_crypt.py
View file

@ -275,7 +275,6 @@ class TestM2CryptoRegression47124(TestCase):
with patch('salt.utils.files.fopen', mock_open(read_data=PUBKEY_DATA)):
salt.crypt.verify_signature('/keydir/keyname.pub', message, self.SIGNATURE)
@skipIf(not HAS_M2, "Skip when m2crypto is not installed")
def test_m2crypto_verify_unicode(self):
message = salt.utils.stringutils.to_bytes('meh')
@ -290,7 +289,6 @@ class TestM2CryptoRegression47124(TestCase):
signature = salt.crypt.sign_message('/keydir/keyname.pem', message, passphrase='password')
self.assertEqual(signature, self.SIGNATURE)
@skipIf(not HAS_M2, "Skip when m2crypto is not installed")
def test_m2crypto_sign_unicode(self):
message = salt.utils.stringutils.to_bytes('meh')