diff options
author | Simo Sorce <simo@redhat.com> | 2015-06-05 14:02:34 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2015-06-05 14:02:34 -0400 |
commit | 3cf9508e5b018bc242bc1ceed6c2cb522e90a00f (patch) | |
tree | ac7f2d9fecdc8126ce72b0173db91dcd6cff064d /custodia/message/kem.py | |
parent | 1b55bc36f4176c0d4c6ea8ac5196b48776c08eeb (diff) | |
download | custodia-3cf9508e5b018bc242bc1ceed6c2cb522e90a00f.tar.gz custodia-3cf9508e5b018bc242bc1ceed6c2cb522e90a00f.tar.xz custodia-3cf9508e5b018bc242bc1ceed6c2cb522e90a00f.zip |
Fix name checking for kem backend
Signed-off-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'custodia/message/kem.py')
-rw-r--r-- | custodia/message/kem.py | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/custodia/message/kem.py b/custodia/message/kem.py index ebe2a47..3b01a1f 100644 --- a/custodia/message/kem.py +++ b/custodia/message/kem.py @@ -155,11 +155,12 @@ class KEMHandler(MessageHandler): if 'sub' not in claims: raise InvalidMessage('Missing subject in payload') if claims['sub'] != name: - raise InvalidMessage('Key name does not match payload subject') + raise InvalidMessage('Key name %s does not match subject %s' % ( + name, claims['sub'])) if 'exp' not in claims: raise InvalidMessage('Missing request time in payload') if claims['exp'] - (10 * 60) > int(time.time()): - raise InvalidMessage('Message expiration too long') + raise InvalidMessage('Message expiration too far in the future') if claims['exp'] < int(time.time()): raise InvalidMessage('Message Expired') |