From fc7fa83b04dd1f4c881021b9026092202b44016b Mon Sep 17 00:00:00 2001
From: Martin Mares <mj@ucw.cz>
Date: Wed, 14 Jul 2021 00:15:17 +0200
Subject: [PATCH] =?UTF-8?q?mo.tokens:=20Obecn=C3=BD=20parametrizovan=C3=BD?=
 =?UTF-8?q?=20podpis=20a=20hash?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 mo/tokens.py | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/mo/tokens.py b/mo/tokens.py
index afe36b84..97a70775 100644
--- a/mo/tokens.py
+++ b/mo/tokens.py
@@ -1,5 +1,6 @@
 # Podepsané tokeny
 
+import hashlib
 import hmac
 import urllib.parse
 from typing import Optional, List
@@ -8,9 +9,7 @@ import mo.config as config
 
 
 def _sign_token(token: str, use: str) -> str:
-    key = '-'.join(('sign-token', use, config.SECRET_KEY))
-    mac = hmac.HMAC(key.encode('us-ascii'), token.encode('us-ascii'), 'sha256')
-    return mac.hexdigest()[:16]
+    return sign(token, 'token-' + use)
 
 
 def sign_token(fields: List[str], use: str) -> str:
@@ -27,3 +26,18 @@ def verify_token(token: str, use: str) -> Optional[List[str]]:
     if _sign_token(':'.join(enc_fields), use) != sign:
         return None
     return [urllib.parse.unquote(f) for f in enc_fields]
+
+
+def sign(msg: str, use: str) -> str:
+    """Podpis parametrizovaný tajným klíčem a účelem."""
+
+    key = use + '#' + config.SECRET_KEY
+    mac = hmac.HMAC(key.encode('us-ascii'), msg.encode('us-ascii'), 'sha256')
+    return mac.hexdigest()[:16]
+
+
+def hash(msg: str, use: str) -> str:
+    """Hešovací funkce parametrizovaná tajným klíčem a účelem."""
+
+    m = '#'.join((use, config.SECRET_KEY, msg)).encode('us-ascii')
+    return hashlib.sha256(m).hexdigest()
-- 
GitLab