dns/tsig: use hashlib to avoid cryptodome dependency for TSIG

author Tomas Krizek <tomas.krizek@nic.cz>

Wed, 18 Jul 2018 11:14:17 +0000 (13:14 +0200)

committer Tomas Krizek <tomas.krizek@nic.cz>

Fri, 20 Jul 2018 14:24:17 +0000 (16:24 +0200)
author Tomas Krizek <tomas.krizek@nic.cz>
Wed, 18 Jul 2018 11:14:17 +0000 (13:14 +0200)
committer Tomas Krizek <tomas.krizek@nic.cz>
Fri, 20 Jul 2018 14:24:17 +0000 (16:24 +0200)
diff --git a/dns/tsig.py b/dns/tsig.py

index fd9d56a3e6cd6cf28538a8a00958b2f0afbb10dc..eaf14d9e7f48afc7859afab9311f6cd7e0363762 100644 (file)
--- a/dns/tsig.py
+++ b/dns/tsig.py
@@ -15,13 +15,13 @@
  
  """DNS TSIG support."""
  
+import hashlib
  import hmac
  import struct
  
  import dns.exception
  import dns.rdataclass
  import dns.name
-import dns.dnssec
  from ._compat import long, string_types, text_type
  
  class BadTime(dns.exception.DNSException):
@@ -68,12 +68,12 @@ HMAC_SHA384 = dns.name.from_text("hmac-sha384")
  HMAC_SHA512 = dns.name.from_text("hmac-sha512")
  
  _hashes = {
-    HMAC_SHA224: 'SHA224',
-    HMAC_SHA256: 'SHA256',
-    HMAC_SHA384: 'SHA384',
-    HMAC_SHA512: 'SHA512',
-    HMAC_SHA1: 'SHA1',
-    HMAC_MD5: 'MD5',
+    HMAC_SHA224: hashlib.sha224,
+    HMAC_SHA256: hashlib.sha256,
+    HMAC_SHA384: hashlib.sha384,
+    HMAC_SHA512: hashlib.sha512,
+    HMAC_SHA1: hashlib.sha1,
+    HMAC_MD5: hashlib.md5,
  }
  
  default_algorithm = HMAC_MD5
@@ -211,7 +211,7 @@ def get_algorithm(algorithm):
          algorithm = dns.name.from_text(algorithm)
  
      try:
-        return (algorithm.to_digestable(), dns.dnssec._make_hash(algorithm))
+        return (algorithm.to_digestable(), _hashes[algorithm])
      except KeyError:
          raise NotImplementedError("TSIG algorithm " + str(algorithm) +
                                    " is not supported")
author	Tomas Krizek <tomas.krizek@nic.cz>
	Wed, 18 Jul 2018 11:14:17 +0000 (13:14 +0200)
committer	Tomas Krizek <tomas.krizek@nic.cz>
	Fri, 20 Jul 2018 14:24:17 +0000 (16:24 +0200)