From f438d0e947a777ca949b904d7b3793b629f2d59d Mon Sep 17 00:00:00 2001 From: Tom Hacohen Date: Fri, 15 May 2020 12:44:10 +0300 Subject: [PATCH] Trim salt when creating the challenge. --- django_etesync/views.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/django_etesync/views.py b/django_etesync/views.py index eaf0e35..1a7c5bc 100644 --- a/django_etesync/views.py +++ b/django_etesync/views.py @@ -309,7 +309,8 @@ class AuthenticationViewSet(viewsets.ViewSet): def get_encryption_key(self, salt): key = nacl.hash.blake2b(settings.SECRET_KEY.encode(), encoder=nacl.encoding.RawEncoder) - return nacl.hash.blake2b(b'', key=key, salt=salt, person=b'etesync-auth', encoder=nacl.encoding.RawEncoder) + return nacl.hash.blake2b(b'', key=key, salt=salt[:nacl.hash.BLAKE2B_SALTBYTES], person=b'etesync-auth', + encoder=nacl.encoding.RawEncoder) def get_queryset(self): return User.objects.all()