diff options
Diffstat (limited to 'protocols/Twitter/src/oauth.cpp')
| -rw-r--r-- | protocols/Twitter/src/oauth.cpp | 238 |
1 files changed, 4 insertions, 234 deletions
diff --git a/protocols/Twitter/src/oauth.cpp b/protocols/Twitter/src/oauth.cpp index cfc4812191..7a9a761bb6 100644 --- a/protocols/Twitter/src/oauth.cpp +++ b/protocols/Twitter/src/oauth.cpp @@ -416,233 +416,6 @@ wstring mir_twitter::OAuthCreateTimestamp() return buf;
}
-string mir_twitter::HMACSHA1( const string& keyBytes, const string& data )
-{
- // based on http://msdn.microsoft.com/en-us/library/aa382379%28v=VS.85%29.aspx
-
- string hash;
-
- //--------------------------------------------------------------------
- // Declare variables.
- //
- // hProv: Handle to a cryptographic service provider (CSP).
- // This example retrieves the default provider for
- // the PROV_RSA_FULL provider type.
- // hHash: Handle to the hash object needed to create a hash.
- // hKey: Handle to a symmetric key. This example creates a
- // key for the RC4 algorithm.
- // hHmacHash: Handle to an HMAC hash.
- // pbHash: Pointer to the hash.
- // dwDataLen: Length, in bytes, of the hash.
- // Data1: Password string used to create a symmetric key.
- // Data2: Message string to be hashed.
- // HmacInfo: Instance of an HMAC_INFO structure that contains
- // information about the HMAC hash.
- //
- HCRYPTPROV hProv = NULL;
- HCRYPTHASH hHash = NULL;
- HCRYPTKEY hKey = NULL;
- HCRYPTHASH hHmacHash = NULL;
- PBYTE pbHash = NULL;
- DWORD dwDataLen = 0;
- //BYTE Data1[] = {0x70,0x61,0x73,0x73,0x77,0x6F,0x72,0x64};
- //BYTE Data2[] = {0x6D,0x65,0x73,0x73,0x61,0x67,0x65};
- HMAC_INFO HmacInfo;
-
- //--------------------------------------------------------------------
- // Zero the HMAC_INFO structure and use the SHA1 algorithm for
- // hashing.
-
- ZeroMemory(&HmacInfo, sizeof(HmacInfo));
- HmacInfo.HashAlgid = CALG_SHA1;
-
- //--------------------------------------------------------------------
- // Acquire a handle to the default RSA cryptographic service provider.
-
- if (!CryptAcquireContext(
- &hProv, // handle of the CSP
- NULL, // key container name
- NULL, // CSP name
- PROV_RSA_FULL, // provider type
- CRYPT_VERIFYCONTEXT)) // no key access is requested
- {
- _TRACE(" Error in AcquireContext 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- //--------------------------------------------------------------------
- // Derive a symmetric key from a hash object by performing the
- // following steps:
- // 1. Call CryptCreateHash to retrieve a handle to a hash object.
- // 2. Call CryptHashData to add a text string (password) to the
- // hash object.
- // 3. Call CryptDeriveKey to create the symmetric key from the
- // hashed password derived in step 2.
- // You will use the key later to create an HMAC hash object.
-
- if (!CryptCreateHash(
- hProv, // handle of the CSP
- CALG_SHA1, // hash algorithm to use
- 0, // hash key
- 0, // reserved
- &hHash)) // address of hash object handle
- {
- _TRACE("Error in CryptCreateHash 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- if (!CryptHashData(
- hHash, // handle of the hash object
- (BYTE*)keyBytes.c_str(), // password to hash
- (DWORD)keyBytes.size(), // number of bytes of data to add
- 0)) // flags
- {
- _TRACE("Error in CryptHashData 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- // key creation based on
- // http://mirror.leaseweb.com/NetBSD/NetBSD-release-5-0/src/dist/wpa/src/crypto/crypto_cryptoapi.c
- struct {
- BLOBHEADER hdr;
- DWORD len;
- BYTE key[1024]; // TODO might want to dynamically allocate this, Should Be Fine though
- } key_blob;
-
- key_blob.hdr.bType = PLAINTEXTKEYBLOB;
- key_blob.hdr.bVersion = CUR_BLOB_VERSION;
- key_blob.hdr.reserved = 0;
- /*
- * Note: RC2 is not really used, but that can be used to
- * import HMAC keys of up to 16 byte long.
- * CRYPT_IPSEC_HMAC_KEY flag for CryptImportKey() is needed to
- * be able to import longer keys (HMAC-SHA1 uses 20-byte key).
- */
- key_blob.hdr.aiKeyAlg = CALG_RC2;
- key_blob.len = (DWORD)keyBytes.size();
- ZeroMemory(key_blob.key, sizeof(key_blob.key));
-
- _ASSERTE(keyBytes.size() <= SIZEOF(key_blob.key));
- CopyMemory(key_blob.key, keyBytes.c_str(), min(keyBytes.size(), SIZEOF(key_blob.key)));
-
- if (!CryptImportKey(
- hProv,
- (BYTE *)&key_blob,
- sizeof(key_blob),
- 0,
- CRYPT_IPSEC_HMAC_KEY,
- &hKey))
- {
- _TRACE("Error in CryptImportKey 0x%08x \n", GetLastError());
- goto ErrorExit;
- }
-
- //--------------------------------------------------------------------
- // Create an HMAC by performing the following steps:
- // 1. Call CryptCreateHash to create a hash object and retrieve
- // a handle to it.
- // 2. Call CryptSetHashParam to set the instance of the HMAC_INFO
- // structure into the hash object.
- // 3. Call CryptHashData to compute a hash of the message.
- // 4. Call CryptGetHashParam to retrieve the size, in bytes, of
- // the hash.
- // 5. Call malloc to allocate memory for the hash.
- // 6. Call CryptGetHashParam again to retrieve the HMAC hash.
-
- if (!CryptCreateHash(
- hProv, // handle of the CSP.
- CALG_HMAC, // HMAC hash algorithm ID
- hKey, // key for the hash (see above)
- 0, // reserved
- &hHmacHash)) // address of the hash handle
- {
- _TRACE("Error in CryptCreateHash 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- if (!CryptSetHashParam(
- hHmacHash, // handle of the HMAC hash object
- HP_HMAC_INFO, // setting an HMAC_INFO object
- (BYTE*)&HmacInfo, // the HMAC_INFO object
- 0)) // reserved
- {
- _TRACE("Error in CryptSetHashParam 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- if (!CryptHashData(
- hHmacHash, // handle of the HMAC hash object
- (BYTE*)data.c_str(), // message to hash
- (DWORD)data.size(), // number of bytes of data to add
- 0)) // flags
- {
- _TRACE("Error in CryptHashData 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- //--------------------------------------------------------------------
- // Call CryptGetHashParam twice. Call it the first time to retrieve
- // the size, in bytes, of the hash. Allocate memory. Then call
- // CryptGetHashParam again to retrieve the hash value.
-
- if (!CryptGetHashParam(
- hHmacHash, // handle of the HMAC hash object
- HP_HASHVAL, // query on the hash value
- NULL, // filled on second call
- &dwDataLen, // length, in bytes, of the hash
- 0))
- {
- _TRACE("Error in CryptGetHashParam 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- pbHash = (BYTE*)malloc(dwDataLen);
- if(NULL == pbHash)
- {
- _TRACE("unable to allocate memory\n");
- goto ErrorExit;
- }
-
- if (!CryptGetHashParam(
- hHmacHash, // handle of the HMAC hash object
- HP_HASHVAL, // query on the hash value
- pbHash, // pointer to the HMAC hash value
- &dwDataLen, // length, in bytes, of the hash
- 0))
- {
- _TRACE("Error in CryptGetHashParam 0x%08x \n", GetLastError());
- goto ErrorExit;
- }
-
- for(DWORD i = 0 ; i < dwDataLen ; i++)
- {
- hash.push_back((char)pbHash[i]);
- }
-
- // Free resources.
- // lol goto
-ErrorExit:
- if(hHmacHash)
- CryptDestroyHash(hHmacHash);
- if(hKey)
- CryptDestroyKey(hKey);
- if(hHash)
- CryptDestroyHash(hHash);
- if(hProv)
- CryptReleaseContext(hProv, 0);
- if(pbHash)
- free(pbHash);
-
- return hash;
-}
-
wstring mir_twitter::OAuthCreateSignature( const wstring& signatureBase, const wstring& consumerSecret, const wstring& requestTokenSecret )
{
// URL encode key elements
@@ -652,12 +425,9 @@ wstring mir_twitter::OAuthCreateSignature( const wstring& signatureBase, const w wstring key = escapedConsumerSecret + L"&" + escapedTokenSecret;
string keyBytes = WideToUTF8(key);
+ BYTE digest[MIR_SHA1_HASH_SIZE];
string data = WideToUTF8(signatureBase);
- string hash = HMACSHA1(keyBytes, data);
- ptrA encoded( mir_base64_encode((PBYTE)hash.c_str(), (unsigned)hash.length()));
- wstring signature = _A2T(encoded);
-
- // URL encode the returned signature
- signature = UrlEncode(signature);
- return signature;
+ mir_hmac_sha1(digest, (PBYTE)keyBytes.c_str(), keyBytes.size(), (PBYTE)data.c_str(), data.size());
+ ptrA encoded( mir_base64_encode(digest, sizeof(digest)));
+ return UrlEncode((TCHAR*)_A2T(encoded));
}
|