From 8839637fbcb1b083e19367801ca7646962944d30 Mon Sep 17 00:00:00 2001
From: zsloan
Date: Tue, 3 Mar 2020 15:16:31 -0600
Subject: was missing a couple files in last commit

---
 wqflask/utility/hmac.py | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 wqflask/utility/hmac.py

(limited to 'wqflask/utility')

diff --git a/wqflask/utility/hmac.py b/wqflask/utility/hmac.py
new file mode 100644
index 00000000..47001e54
--- /dev/null
+++ b/wqflask/utility/hmac.py
@@ -0,0 +1,18 @@
+from __future__ import print_function, division, absolute_import
+
+import hmac
+
+from wqflask import app
+
+def hmac_creation(stringy):
+    """Helper function to create the actual hmac"""
+
+    secret = app.config['SECRET_HMAC_CODE']
+
+    hmaced = hmac.new(secret, stringy, hashlib.sha1)
+    hm = hmaced.hexdigest()
+    # ZS: Leaving the below comment here to ask Pjotr about
+    # "Conventional wisdom is that you don't lose much in terms of security if you throw away up to half of the output."
+    # http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html
+    hm = hm[:20]
+    return hm
\ No newline at end of file
-- 
cgit v1.2.3