Standardize export of secrets to avoid miscalculation of MAC.

author: drebs <drebs@leap.se> 2014-11-18 14:21:58 -0200
committer: Kali Kaneko <kali@leap.se> 2015-02-11 14:03:17 -0400
commit: 8b3982ada921af765e7ede7dd3c77ef3fbf075f1 (patch)
tree: 3d0053b5ab1c860c94b6cbbe09311d8a99c1438f
parent: d25527ac06563f061aee7771d494522b3ed58b7d (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/client/src/leap/soledad/client/secrets.py b/client/src/leap/soledad/client/secrets.py
index b0e54220..af781a26 100644
--- a/client/src/leap/soledad/client/secrets.py
+++ b/client/src/leap/soledad/client/secrets.py
@@ -403,7 +403,7 @@ class SoledadSecrets(object):
             crypto.MAC_METHOD_KEY: crypto.MacMethods.HMAC,
             crypto.MAC_KEY: hmac.new(
                 key,
-                json.dumps(encrypted_secrets),
+                json.dumps(encrypted_secrets, sort_keys=True),
                 sha256).hexdigest(),
         }
         return data
@@ -440,7 +440,8 @@ class SoledadSecrets(object):
                     buflen=32)
                 mac = hmac.new(
                     key,
-                    json.dumps(data[self.STORAGE_SECRETS_KEY]),
+                    json.dumps(
+                        data[self.STORAGE_SECRETS_KEY], sort_keys=True),
                     sha256).hexdigest()
             else:
                 raise crypto.UnknownMacMethodError('Unknown MAC method: %s.' %
author	drebs <drebs@leap.se>	2014-11-18 14:21:58 -0200
committer	Kali Kaneko <kali@leap.se>	2015-02-11 14:03:17 -0400
commit	8b3982ada921af765e7ede7dd3c77ef3fbf075f1 (patch)
tree	3d0053b5ab1c860c94b6cbbe09311d8a99c1438f
parent	d25527ac06563f061aee7771d494522b3ed58b7d (diff)