From 6064148eb2b723a308f0d29595a75ab64f47e1e2 Mon Sep 17 00:00:00 2001
From: BonfaceKilz
Date: Thu, 17 Sep 2020 17:34:11 +0300
Subject: Replace string arguments to "hmac.new" with bytearray

Same as:
https://github.com/genenetwork/genenetwork2/pull/422/commits/46443ec8d2cdfd7c60358a889d90a90e4f7daaf4
---
 wqflask/utility/hmac.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'wqflask/utility')

diff --git a/wqflask/utility/hmac.py b/wqflask/utility/hmac.py
index 10387bb0..6623f69a 100644
--- a/wqflask/utility/hmac.py
+++ b/wqflask/utility/hmac.py
@@ -10,7 +10,9 @@ def hmac_creation(stringy):
     """Helper function to create the actual hmac"""
 
     secret = app.config['SECRET_HMAC_CODE']
-    hmaced = hmac.new(secret, stringy, hashlib.sha1)
+    hmaced = hmac.new(bytearray(secret, "utf-8"),
+                      bytearray(stringy, "utf-8"),
+                      hashlib.sha1)
     hm = hmaced.hexdigest()
     # ZS: Leaving the below comment here to ask Pjotr about
     # "Conventional wisdom is that you don't lose much in terms of security if you throw away up to half of the output."
-- 
cgit v1.2.3