def validate_line_signatures(line_secret, body, signature) -> bool: key = bytearray(line_secret, 'utf-8') gen_signature = hmac.new(key, body, hashlib.sha256).digest() signature = signature.encode("UTF-8") logger.debug(f'SIGNATURE: {signature}') logger.debug(f'SIGNATURE: {type(signature)}') if hasattr(hmac, "compare_digest"): valid = hmac.compare_digest(signature, base64.b64encode(gen_signature)) logger.debug(f"valid is {valid}") else: valid = line_utils.safe_compare_digest(signature, base64.b64encode(gen_signature)) logger.debug(f"valid is {valid}") return valid
def compare_digest(val1, val2): """compare_digest function. If hmac module has compare_digest function, use it. Or not, use linebot.utils.safe_compare_digest. :param val1: string or bytes for compare :type val1: str | bytes :param val2: string or bytes for compare :type val2: str | bytes :rtype: bool :return: result """ return safe_compare_digest(val1, val2)
def test_safe_compare_digest_false_different_size(self): self.assertFalse(safe_compare_digest('/gg9a+LvFevTH1sd7', '/gg9a+LvFevTH1sd78'))
def test_safe_compare_digest_true(self): self.assertTrue(safe_compare_digest('/gg9a+LvFevTH1sd7', '/gg9a+LvFevTH1sd7'))
def test_safe_compare_digest_false_different_size(self): self.assertFalse( safe_compare_digest('/gg9a+LvFevTH1sd7', '/gg9a+LvFevTH1sd78'))
def test_safe_compare_digest_true(self): self.assertTrue( safe_compare_digest('/gg9a+LvFevTH1sd7', '/gg9a+LvFevTH1sd7'))