[librest] Revert "Use HMAC glib implementation instead of rolling our own"
- From: Christophe Fergeau <teuf src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [librest] Revert "Use HMAC glib implementation instead of rolling our own"
- Date: Thu, 28 Jun 2012 10:33:25 +0000 (UTC)
commit 44a79fd73de5862d2106f5ad9192b566502a7052
Author: Christophe Fergeau <cfergeau redhat com>
Date: Thu Jun 28 12:33:07 2012 +0200
Revert "Use HMAC glib implementation instead of rolling our own"
This reverts commit 2a8dac4cc7aeca25b182bb9806ddb1881f2f4994.
Pushed by mistake...
configure.ac | 2 +-
rest-extras/flickr-proxy-call.c | 1 +
rest-extras/lastfm-proxy-call.c | 1 +
rest/Makefile.am | 4 +-
rest/oauth-proxy-call.c | 6 +-
rest/oauth2-proxy-call.c | 1 +
rest/sha1.c | 108 +++++++++++++++++++++++++++++++++++++++
rest/sha1.h | 22 ++++++++
8 files changed, 140 insertions(+), 5 deletions(-)
---
diff --git a/configure.ac b/configure.ac
index 680ade1..f1105ae 100644
--- a/configure.ac
+++ b/configure.ac
@@ -40,7 +40,7 @@ AM_PROG_CC_C_O
LT_PREREQ([2.2.6])
LT_INIT([disable-static])
-PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.30)
+PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.24)
PKG_CHECK_MODULES(SOUP, libsoup-2.4)
PKG_CHECK_MODULES(XML, libxml-2.0)
PKG_CHECK_MODULES(GTHREAD, gthread-2.0)
diff --git a/rest-extras/flickr-proxy-call.c b/rest-extras/flickr-proxy-call.c
index 51881dd..a9bc6f7 100644
--- a/rest-extras/flickr-proxy-call.c
+++ b/rest-extras/flickr-proxy-call.c
@@ -26,6 +26,7 @@
#include "flickr-proxy-call.h"
#include "flickr-proxy-private.h"
#include "rest/rest-proxy-call-private.h"
+#include "rest/sha1.h"
G_DEFINE_TYPE (FlickrProxyCall, flickr_proxy_call, REST_TYPE_PROXY_CALL)
diff --git a/rest-extras/lastfm-proxy-call.c b/rest-extras/lastfm-proxy-call.c
index afc7288..5e04038 100644
--- a/rest-extras/lastfm-proxy-call.c
+++ b/rest-extras/lastfm-proxy-call.c
@@ -27,6 +27,7 @@
#include "lastfm-proxy-call.h"
#include "lastfm-proxy-private.h"
#include "rest/rest-proxy-call-private.h"
+#include "rest/sha1.h"
G_DEFINE_TYPE (LastfmProxyCall, lastfm_proxy_call, REST_TYPE_PROXY_CALL)
diff --git a/rest/Makefile.am b/rest/Makefile.am
index 35067c5..e8a313f 100644
--- a/rest/Makefile.am
+++ b/rest/Makefile.am
@@ -18,7 +18,9 @@ lib_sources = \
oauth-proxy-private.h \
oauth2-proxy.c \
oauth2-proxy-call.c \
- oauth2-proxy-private.h
+ oauth2-proxy-private.h \
+ sha1.c \
+ sha1.h
lib_headers = \
rest-param.h \
rest-params.h \
diff --git a/rest/oauth-proxy-call.c b/rest/oauth-proxy-call.c
index c9d1ecd..d8cff95 100644
--- a/rest/oauth-proxy-call.c
+++ b/rest/oauth-proxy-call.c
@@ -26,6 +26,7 @@
#include "oauth-proxy-call.h"
#include "oauth-proxy-private.h"
#include "rest-proxy-call-private.h"
+#include "sha1.h"
G_DEFINE_TYPE (OAuthProxyCall, oauth_proxy_call, REST_TYPE_PROXY_CALL)
@@ -162,9 +163,8 @@ sign_hmac (OAuthProxy *proxy, RestProxyCall *call, GHashTable *oauth_params)
/* PLAINTEXT signature value is the HMAC-SHA1 key value */
key = sign_plaintext (priv);
- signature = g_compute_hmac_for_string (G_CHECKSUM_SHA1,
- (guchar *)key, strlen (key),
- text->str, -1);
+ signature = hmac_sha1 (key, text->str);
+
g_free (key);
g_string_free (text, TRUE);
diff --git a/rest/oauth2-proxy-call.c b/rest/oauth2-proxy-call.c
index 87ad8f7..f0d441c 100644
--- a/rest/oauth2-proxy-call.c
+++ b/rest/oauth2-proxy-call.c
@@ -27,6 +27,7 @@
#include "oauth2-proxy-call.h"
#include "oauth2-proxy-private.h"
#include "rest-proxy-call-private.h"
+#include "sha1.h"
G_DEFINE_TYPE (OAuth2ProxyCall, oauth2_proxy_call, REST_TYPE_PROXY_CALL)
diff --git a/rest/sha1.c b/rest/sha1.c
new file mode 100644
index 0000000..b2f4f0b
--- /dev/null
+++ b/rest/sha1.c
@@ -0,0 +1,108 @@
+/*
+ * librest - RESTful web services access
+ * Copyright (c) 2008, 2009, Intel Corporation.
+ *
+ * Authors: Ross Burton <ross linux intel com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU Lesser General Public License,
+ * version 2.1, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#include <string.h>
+#include <glib.h>
+#include "sha1.h"
+
+#define SHA1_BLOCK_SIZE 64
+#define SHA1_LENGTH 20
+
+/*
+ * hmac_sha1:
+ * @key: The key
+ * @message: The message
+ *
+ * Given the key and message, compute the HMAC-SHA1 hash and return the base-64
+ * encoding of it. This is very geared towards OAuth, and as such both key and
+ * message must be NULL-terminated strings, and the result is base-64 encoded.
+ */
+char *
+hmac_sha1 (const char *key, const char *message)
+{
+ GChecksum *checksum;
+ char *real_key;
+ guchar ipad[SHA1_BLOCK_SIZE];
+ guchar opad[SHA1_BLOCK_SIZE];
+ guchar inner[SHA1_LENGTH];
+ guchar digest[SHA1_LENGTH];
+ gsize key_length, inner_length, digest_length;
+ int i;
+
+ g_return_val_if_fail (key, NULL);
+ g_return_val_if_fail (message, NULL);
+
+ checksum = g_checksum_new (G_CHECKSUM_SHA1);
+
+ /* If the key is longer than the block size, hash it first */
+ if (strlen (key) > SHA1_BLOCK_SIZE) {
+ guchar new_key[SHA1_LENGTH];
+
+ key_length = sizeof (new_key);
+
+ g_checksum_update (checksum, (guchar*)key, strlen (key));
+ g_checksum_get_digest (checksum, new_key, &key_length);
+ g_checksum_reset (checksum);
+
+ real_key = g_memdup (new_key, key_length);
+ } else {
+ real_key = g_strdup (key);
+ key_length = strlen (key);
+ }
+
+ /* Sanity check the length */
+ g_assert (key_length <= SHA1_BLOCK_SIZE);
+
+ /* Protect against use of the provided key by NULLing it */
+ key = NULL;
+
+ /* Stage 1 */
+ memset (ipad, 0, sizeof (ipad));
+ memset (opad, 0, sizeof (opad));
+
+ memcpy (ipad, real_key, key_length);
+ memcpy (opad, real_key, key_length);
+
+ /* Stage 2 and 5 */
+ for (i = 0; i < sizeof (ipad); i++) {
+ ipad[i] ^= 0x36;
+ opad[i] ^= 0x5C;
+ }
+
+ /* Stage 3 and 4 */
+ g_checksum_update (checksum, ipad, sizeof (ipad));
+ g_checksum_update (checksum, (guchar*)message, strlen (message));
+ inner_length = sizeof (inner);
+ g_checksum_get_digest (checksum, inner, &inner_length);
+ g_checksum_reset (checksum);
+
+ /* Stage 6 and 7 */
+ g_checksum_update (checksum, opad, sizeof (opad));
+ g_checksum_update (checksum, inner, inner_length);
+
+ digest_length = sizeof (digest);
+ g_checksum_get_digest (checksum, digest, &digest_length);
+
+ g_checksum_free (checksum);
+ g_free (real_key);
+
+ return g_base64_encode (digest, digest_length);
+}
diff --git a/rest/sha1.h b/rest/sha1.h
new file mode 100644
index 0000000..3538e21
--- /dev/null
+++ b/rest/sha1.h
@@ -0,0 +1,22 @@
+/*
+ * librest - RESTful web services access
+ * Copyright (c) 2008, 2009, Intel Corporation.
+ *
+ * Authors: Ross Burton <ross linux intel com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU Lesser General Public License,
+ * version 2.1, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+char * hmac_sha1 (const char *key, const char *message);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]