diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-10-30 13:29:31 -0700 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-10-30 13:29:31 -0700 |
| commit | 754d459b4746e84218164593e5b88208e178f1da (patch) | |
| tree | e85479172bf7730f9ad6837e4f14cf0c6744123b /cryptography/hazmat/primitives/hmac.py | |
| parent | 083091eaef3f84d23eee6c7390d074d05ef78d96 (diff) | |
| download | cryptography-754d459b4746e84218164593e5b88208e178f1da.tar.gz cryptography-754d459b4746e84218164593e5b88208e178f1da.tar.bz2 cryptography-754d459b4746e84218164593e5b88208e178f1da.zip | |
Make sure the backend implementatinos of various interfaces have verify() methods.
Also make the frontend versions actually use them
Diffstat (limited to 'cryptography/hazmat/primitives/hmac.py')
| -rw-r--r-- | cryptography/hazmat/primitives/hmac.py | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/cryptography/hazmat/primitives/hmac.py b/cryptography/hazmat/primitives/hmac.py index 22a31391..47a048ff 100644 --- a/cryptography/hazmat/primitives/hmac.py +++ b/cryptography/hazmat/primitives/hmac.py @@ -15,10 +15,10 @@ from __future__ import absolute_import, division, print_function from cryptography import utils from cryptography.exceptions import ( - AlreadyFinalized, InvalidSignature, UnsupportedAlgorithm, _Reasons + AlreadyFinalized, UnsupportedAlgorithm, _Reasons ) from cryptography.hazmat.backends.interfaces import HMACBackend -from cryptography.hazmat.primitives import constant_time, interfaces +from cryptography.hazmat.primitives import interfaces @utils.register_interface(interfaces.MACContext) @@ -71,6 +71,8 @@ class HMAC(object): def verify(self, signature): if not isinstance(signature, bytes): raise TypeError("signature must be bytes.") - digest = self.finalize() - if not constant_time.bytes_eq(digest, signature): - raise InvalidSignature("Signature did not match digest.") + if self._ctx is None: + raise AlreadyFinalized("Context was already finalized.") + + ctx, self._ctx = self._ctx, None + ctx.verify(signature) |