diff options
Diffstat (limited to 'protocols/Twitter')
-rw-r--r-- | protocols/Twitter/src/oauth.cpp | 238 | ||||
-rw-r--r-- | protocols/Twitter/src/oauth/sha1.c | 317 | ||||
-rw-r--r-- | protocols/Twitter/src/utility.h | 1 |
3 files changed, 4 insertions, 552 deletions
diff --git a/protocols/Twitter/src/oauth.cpp b/protocols/Twitter/src/oauth.cpp index cfc4812191..7a9a761bb6 100644 --- a/protocols/Twitter/src/oauth.cpp +++ b/protocols/Twitter/src/oauth.cpp @@ -416,233 +416,6 @@ wstring mir_twitter::OAuthCreateTimestamp() return buf;
}
-string mir_twitter::HMACSHA1( const string& keyBytes, const string& data )
-{
- // based on http://msdn.microsoft.com/en-us/library/aa382379%28v=VS.85%29.aspx
-
- string hash;
-
- //--------------------------------------------------------------------
- // Declare variables.
- //
- // hProv: Handle to a cryptographic service provider (CSP).
- // This example retrieves the default provider for
- // the PROV_RSA_FULL provider type.
- // hHash: Handle to the hash object needed to create a hash.
- // hKey: Handle to a symmetric key. This example creates a
- // key for the RC4 algorithm.
- // hHmacHash: Handle to an HMAC hash.
- // pbHash: Pointer to the hash.
- // dwDataLen: Length, in bytes, of the hash.
- // Data1: Password string used to create a symmetric key.
- // Data2: Message string to be hashed.
- // HmacInfo: Instance of an HMAC_INFO structure that contains
- // information about the HMAC hash.
- //
- HCRYPTPROV hProv = NULL;
- HCRYPTHASH hHash = NULL;
- HCRYPTKEY hKey = NULL;
- HCRYPTHASH hHmacHash = NULL;
- PBYTE pbHash = NULL;
- DWORD dwDataLen = 0;
- //BYTE Data1[] = {0x70,0x61,0x73,0x73,0x77,0x6F,0x72,0x64};
- //BYTE Data2[] = {0x6D,0x65,0x73,0x73,0x61,0x67,0x65};
- HMAC_INFO HmacInfo;
-
- //--------------------------------------------------------------------
- // Zero the HMAC_INFO structure and use the SHA1 algorithm for
- // hashing.
-
- ZeroMemory(&HmacInfo, sizeof(HmacInfo));
- HmacInfo.HashAlgid = CALG_SHA1;
-
- //--------------------------------------------------------------------
- // Acquire a handle to the default RSA cryptographic service provider.
-
- if (!CryptAcquireContext(
- &hProv, // handle of the CSP
- NULL, // key container name
- NULL, // CSP name
- PROV_RSA_FULL, // provider type
- CRYPT_VERIFYCONTEXT)) // no key access is requested
- {
- _TRACE(" Error in AcquireContext 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- //--------------------------------------------------------------------
- // Derive a symmetric key from a hash object by performing the
- // following steps:
- // 1. Call CryptCreateHash to retrieve a handle to a hash object.
- // 2. Call CryptHashData to add a text string (password) to the
- // hash object.
- // 3. Call CryptDeriveKey to create the symmetric key from the
- // hashed password derived in step 2.
- // You will use the key later to create an HMAC hash object.
-
- if (!CryptCreateHash(
- hProv, // handle of the CSP
- CALG_SHA1, // hash algorithm to use
- 0, // hash key
- 0, // reserved
- &hHash)) // address of hash object handle
- {
- _TRACE("Error in CryptCreateHash 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- if (!CryptHashData(
- hHash, // handle of the hash object
- (BYTE*)keyBytes.c_str(), // password to hash
- (DWORD)keyBytes.size(), // number of bytes of data to add
- 0)) // flags
- {
- _TRACE("Error in CryptHashData 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- // key creation based on
- // http://mirror.leaseweb.com/NetBSD/NetBSD-release-5-0/src/dist/wpa/src/crypto/crypto_cryptoapi.c
- struct {
- BLOBHEADER hdr;
- DWORD len;
- BYTE key[1024]; // TODO might want to dynamically allocate this, Should Be Fine though
- } key_blob;
-
- key_blob.hdr.bType = PLAINTEXTKEYBLOB;
- key_blob.hdr.bVersion = CUR_BLOB_VERSION;
- key_blob.hdr.reserved = 0;
- /*
- * Note: RC2 is not really used, but that can be used to
- * import HMAC keys of up to 16 byte long.
- * CRYPT_IPSEC_HMAC_KEY flag for CryptImportKey() is needed to
- * be able to import longer keys (HMAC-SHA1 uses 20-byte key).
- */
- key_blob.hdr.aiKeyAlg = CALG_RC2;
- key_blob.len = (DWORD)keyBytes.size();
- ZeroMemory(key_blob.key, sizeof(key_blob.key));
-
- _ASSERTE(keyBytes.size() <= SIZEOF(key_blob.key));
- CopyMemory(key_blob.key, keyBytes.c_str(), min(keyBytes.size(), SIZEOF(key_blob.key)));
-
- if (!CryptImportKey(
- hProv,
- (BYTE *)&key_blob,
- sizeof(key_blob),
- 0,
- CRYPT_IPSEC_HMAC_KEY,
- &hKey))
- {
- _TRACE("Error in CryptImportKey 0x%08x \n", GetLastError());
- goto ErrorExit;
- }
-
- //--------------------------------------------------------------------
- // Create an HMAC by performing the following steps:
- // 1. Call CryptCreateHash to create a hash object and retrieve
- // a handle to it.
- // 2. Call CryptSetHashParam to set the instance of the HMAC_INFO
- // structure into the hash object.
- // 3. Call CryptHashData to compute a hash of the message.
- // 4. Call CryptGetHashParam to retrieve the size, in bytes, of
- // the hash.
- // 5. Call malloc to allocate memory for the hash.
- // 6. Call CryptGetHashParam again to retrieve the HMAC hash.
-
- if (!CryptCreateHash(
- hProv, // handle of the CSP.
- CALG_HMAC, // HMAC hash algorithm ID
- hKey, // key for the hash (see above)
- 0, // reserved
- &hHmacHash)) // address of the hash handle
- {
- _TRACE("Error in CryptCreateHash 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- if (!CryptSetHashParam(
- hHmacHash, // handle of the HMAC hash object
- HP_HMAC_INFO, // setting an HMAC_INFO object
- (BYTE*)&HmacInfo, // the HMAC_INFO object
- 0)) // reserved
- {
- _TRACE("Error in CryptSetHashParam 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- if (!CryptHashData(
- hHmacHash, // handle of the HMAC hash object
- (BYTE*)data.c_str(), // message to hash
- (DWORD)data.size(), // number of bytes of data to add
- 0)) // flags
- {
- _TRACE("Error in CryptHashData 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- //--------------------------------------------------------------------
- // Call CryptGetHashParam twice. Call it the first time to retrieve
- // the size, in bytes, of the hash. Allocate memory. Then call
- // CryptGetHashParam again to retrieve the hash value.
-
- if (!CryptGetHashParam(
- hHmacHash, // handle of the HMAC hash object
- HP_HASHVAL, // query on the hash value
- NULL, // filled on second call
- &dwDataLen, // length, in bytes, of the hash
- 0))
- {
- _TRACE("Error in CryptGetHashParam 0x%08x \n",
- GetLastError());
- goto ErrorExit;
- }
-
- pbHash = (BYTE*)malloc(dwDataLen);
- if(NULL == pbHash)
- {
- _TRACE("unable to allocate memory\n");
- goto ErrorExit;
- }
-
- if (!CryptGetHashParam(
- hHmacHash, // handle of the HMAC hash object
- HP_HASHVAL, // query on the hash value
- pbHash, // pointer to the HMAC hash value
- &dwDataLen, // length, in bytes, of the hash
- 0))
- {
- _TRACE("Error in CryptGetHashParam 0x%08x \n", GetLastError());
- goto ErrorExit;
- }
-
- for(DWORD i = 0 ; i < dwDataLen ; i++)
- {
- hash.push_back((char)pbHash[i]);
- }
-
- // Free resources.
- // lol goto
-ErrorExit:
- if(hHmacHash)
- CryptDestroyHash(hHmacHash);
- if(hKey)
- CryptDestroyKey(hKey);
- if(hHash)
- CryptDestroyHash(hHash);
- if(hProv)
- CryptReleaseContext(hProv, 0);
- if(pbHash)
- free(pbHash);
-
- return hash;
-}
-
wstring mir_twitter::OAuthCreateSignature( const wstring& signatureBase, const wstring& consumerSecret, const wstring& requestTokenSecret )
{
// URL encode key elements
@@ -652,12 +425,9 @@ wstring mir_twitter::OAuthCreateSignature( const wstring& signatureBase, const w wstring key = escapedConsumerSecret + L"&" + escapedTokenSecret;
string keyBytes = WideToUTF8(key);
+ BYTE digest[MIR_SHA1_HASH_SIZE];
string data = WideToUTF8(signatureBase);
- string hash = HMACSHA1(keyBytes, data);
- ptrA encoded( mir_base64_encode((PBYTE)hash.c_str(), (unsigned)hash.length()));
- wstring signature = _A2T(encoded);
-
- // URL encode the returned signature
- signature = UrlEncode(signature);
- return signature;
+ mir_hmac_sha1(digest, (PBYTE)keyBytes.c_str(), keyBytes.size(), (PBYTE)data.c_str(), data.size());
+ ptrA encoded( mir_base64_encode(digest, sizeof(digest)));
+ return UrlEncode((TCHAR*)_A2T(encoded));
}
diff --git a/protocols/Twitter/src/oauth/sha1.c b/protocols/Twitter/src/oauth/sha1.c deleted file mode 100644 index c3189008ac..0000000000 --- a/protocols/Twitter/src/oauth/sha1.c +++ /dev/null @@ -1,317 +0,0 @@ -/* This code is public-domain - it is based on libcrypt - * placed in the public domain by Wei Dai and other contributors. - */ -// gcc -Wall -DSHA1TEST -o sha1test sha1.c && ./sha1test - -#include <stdint.h> -#include <string.h> - -/* header */ - -#define HASH_LENGTH 20 -#define BLOCK_LENGTH 64 - -union _buffer { - uint8_t b[BLOCK_LENGTH]; - uint32_t w[BLOCK_LENGTH/4]; -}; - -union _state { - uint8_t b[HASH_LENGTH]; - uint32_t w[HASH_LENGTH/4]; -}; - -typedef struct sha1nfo { - union _buffer buffer; - uint8_t bufferOffset; - union _state state; - uint32_t byteCount; - uint8_t keyBuffer[BLOCK_LENGTH]; - uint8_t innerHash[HASH_LENGTH]; -} sha1nfo; - -/* public API - prototypes - TODO: doxygen*/ - -/** - */ -void sha1_init(sha1nfo *s); -/** - */ -void sha1_writebyte(sha1nfo *s, uint8_t data); -/** - */ -void sha1_write(sha1nfo *s, const char *data, size_t len); -/** - */ -uint8_t* sha1_result(sha1nfo *s); -/** - */ -void sha1_initHmac(sha1nfo *s, const uint8_t* key, int keyLength); -/** - */ -uint8_t* sha1_resultHmac(sha1nfo *s); - - -/* code */ -#define SHA1_K0 0x5a827999 -#define SHA1_K20 0x6ed9eba1 -#define SHA1_K40 0x8f1bbcdc -#define SHA1_K60 0xca62c1d6 - -const uint8_t sha1InitState[] = { - 0x01,0x23,0x45,0x67, // H0 - 0x89,0xab,0xcd,0xef, // H1 - 0xfe,0xdc,0xba,0x98, // H2 - 0x76,0x54,0x32,0x10, // H3 - 0xf0,0xe1,0xd2,0xc3 // H4 -}; - -void sha1_init(sha1nfo *s) { - memcpy(s->state.b,sha1InitState,HASH_LENGTH); - s->byteCount = 0; - s->bufferOffset = 0; -} - -uint32_t sha1_rol32(uint32_t number, uint8_t bits) { - return ((number << bits) | (number >> (32-bits))); -} - -void sha1_hashBlock(sha1nfo *s) { - uint8_t i; - uint32_t a,b,c,d,e,t; - - a=s->state.w[0]; - b=s->state.w[1]; - c=s->state.w[2]; - d=s->state.w[3]; - e=s->state.w[4]; - for (i=0; i<80; i++) { - if (i>=16) { - t = s->buffer.w[(i+13)&15] ^ s->buffer.w[(i+8)&15] ^ s->buffer.w[(i+2)&15] ^ s->buffer.w[i&15]; - s->buffer.w[i&15] = sha1_rol32(t,1); - } - if (i<20) { - t = (d ^ (b & (c ^ d))) + SHA1_K0; - } else if (i<40) { - t = (b ^ c ^ d) + SHA1_K20; - } else if (i<60) { - t = ((b & c) | (d & (b | c))) + SHA1_K40; - } else { - t = (b ^ c ^ d) + SHA1_K60; - } - t+=sha1_rol32(a,5) + e + s->buffer.w[i&15]; - e=d; - d=c; - c=sha1_rol32(b,30); - b=a; - a=t; - } - s->state.w[0] += a; - s->state.w[1] += b; - s->state.w[2] += c; - s->state.w[3] += d; - s->state.w[4] += e; -} - -void sha1_addUncounted(sha1nfo *s, uint8_t data) { - s->buffer.b[s->bufferOffset ^ 3] = data; - s->bufferOffset++; - if (s->bufferOffset == BLOCK_LENGTH) { - sha1_hashBlock(s); - s->bufferOffset = 0; - } -} - -void sha1_writebyte(sha1nfo *s, uint8_t data) { - ++s->byteCount; - sha1_addUncounted(s, data); -} - -void sha1_write(sha1nfo *s, const char *data, size_t len) { - for (;len--;) sha1_writebyte(s, (uint8_t) *data++); -} - -void sha1_pad(sha1nfo *s) { - // Implement SHA-1 padding (fips180-2 ยง5.1.1) - - // Pad with 0x80 followed by 0x00 until the end of the block - sha1_addUncounted(s, 0x80); - while (s->bufferOffset != 56) sha1_addUncounted(s, 0x00); - - // Append length in the last 8 bytes - sha1_addUncounted(s, 0); // We're only using 32 bit lengths - sha1_addUncounted(s, 0); // But SHA-1 supports 64 bit lengths - sha1_addUncounted(s, 0); // So zero pad the top bits - sha1_addUncounted(s, s->byteCount >> 29); // Shifting to multiply by 8 - sha1_addUncounted(s, s->byteCount >> 21); // as SHA-1 supports bitstreams as well as - sha1_addUncounted(s, s->byteCount >> 13); // byte. - sha1_addUncounted(s, s->byteCount >> 5); - sha1_addUncounted(s, s->byteCount << 3); -} - -uint8_t* sha1_result(sha1nfo *s) { - int i; - // Pad to complete the last block - sha1_pad(s); - - // Swap byte order back - for (i=0; i<5; i++) { - uint32_t a,b; - a=s->state.w[i]; - b=a<<24; - b|=(a<<8) & 0x00ff0000; - b|=(a>>8) & 0x0000ff00; - b|=a>>24; - s->state.w[i]=b; - } - - // Return pointer to hash (20 characters) - return s->state.b; -} - -#define HMAC_IPAD 0x36 -#define HMAC_OPAD 0x5c - -void sha1_initHmac(sha1nfo *s, const uint8_t* key, int keyLength) { - uint8_t i; - memset(s->keyBuffer, 0, BLOCK_LENGTH); - if (keyLength > BLOCK_LENGTH) { - // Hash long keys - sha1_init(s); - for (;keyLength--;) sha1_writebyte(s, *key++); - memcpy(s->keyBuffer, sha1_result(s), HASH_LENGTH); - } else { - // Block length keys are used as is - memcpy(s->keyBuffer, key, keyLength); - } - // Start inner hash - sha1_init(s); - for (i=0; i<BLOCK_LENGTH; i++) { - sha1_writebyte(s, s->keyBuffer[i] ^ HMAC_IPAD); - } -} - -uint8_t* sha1_resultHmac(sha1nfo *s) { - uint8_t i; - // Complete inner hash - memcpy(s->innerHash,sha1_result(s),HASH_LENGTH); - // Calculate outer hash - sha1_init(s); - for (i=0; i<BLOCK_LENGTH; i++) sha1_writebyte(s, s->keyBuffer[i] ^ HMAC_OPAD); - for (i=0; i<HASH_LENGTH; i++) sha1_writebyte(s, s->innerHash[i]); - return sha1_result(s); -} - -/* self-test */ - -#if SHA1TEST -#include <stdio.h> - -uint8_t hmacKey1[]={ - 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f, - 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f, - 0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f, - 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3a,0x3b,0x3c,0x3d,0x3e,0x3f -}; -uint8_t hmacKey2[]={ - 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3a,0x3b,0x3c,0x3d,0x3e,0x3f, - 0x40,0x41,0x42,0x43 -}; -uint8_t hmacKey3[]={ - 0x50,0x51,0x52,0x53,0x54,0x55,0x56,0x57,0x58,0x59,0x5a,0x5b,0x5c,0x5d,0x5e,0x5f, - 0x60,0x61,0x62,0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6a,0x6b,0x6c,0x6d,0x6e,0x6f, - 0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7a,0x7b,0x7c,0x7d,0x7e,0x7f, - 0x80,0x81,0x82,0x83,0x84,0x85,0x86,0x87,0x88,0x89,0x8a,0x8b,0x8c,0x8d,0x8e,0x8f, - 0x90,0x91,0x92,0x93,0x94,0x95,0x96,0x97,0x98,0x99,0x9a,0x9b,0x9c,0x9d,0x9e,0x9f, - 0xa0,0xa1,0xa2,0xa3,0xa4,0xa5,0xa6,0xa7,0xa8,0xa9,0xaa,0xab,0xac,0xad,0xae,0xaf, - 0xb0,0xb1,0xb2,0xb3 -}; -uint8_t hmacKey4[]={ - 0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7a,0x7b,0x7c,0x7d,0x7e,0x7f, - 0x80,0x81,0x82,0x83,0x84,0x85,0x86,0x87,0x88,0x89,0x8a,0x8b,0x8c,0x8d,0x8e,0x8f, - 0x90,0x91,0x92,0x93,0x94,0x95,0x96,0x97,0x98,0x99,0x9a,0x9b,0x9c,0x9d,0x9e,0x9f, - 0xa0 -}; - -void printHash(uint8_t* hash) { - int i; - for (i=0; i<20; i++) { - printf("%02x", hash[i]); - } - printf("\n"); -} - - -int main (int argc, char **argv) { - uint32_t a; - sha1nfo s; - - // SHA tests - printf("Test: FIPS 180-2 C.1 and RFC3174 7.3 TEST1\n"); - printf("Expect:a9993e364706816aba3e25717850c26c9cd0d89d\n"); - printf("Result:"); - sha1_init(&s); - sha1_write(&s, "abc", 3); - printHash(sha1_result(&s)); - printf("\n\n"); - - printf("Test: FIPS 180-2 C.2 and RFC3174 7.3 TEST2\n"); - printf("Expect:84983e441c3bd26ebaae4aa1f95129e5e54670f1\n"); - printf("Result:"); - sha1_init(&s); - sha1_write(&s, "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56); - printHash(sha1_result(&s)); - printf("\n\n"); - - printf("Test: RFC3174 7.3 TEST4\n"); - printf("Expect:dea356a2cddd90c7a7ecedc5ebb563934f460452\n"); - printf("Result:"); - sha1_init(&s); - for (a=0; a<80; a++) sha1_write(&s, "01234567", 8); - printHash(sha1_result(&s)); - printf("\n\n"); - - // HMAC tests - printf("Test: FIPS 198a A.1\n"); - printf("Expect:4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey1, 64); - sha1_write(&s, "Sample #1",9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - printf("Test: FIPS 198a A.2\n"); - printf("Expect:0922d3405faa3d194f82a45830737d5cc6c75d24\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey2, 20); - sha1_write(&s, "Sample #2", 9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - printf("Test: FIPS 198a A.3\n"); - printf("Expect:bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey3,100); - sha1_write(&s, "Sample #3", 9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - printf("Test: FIPS 198a A.4\n"); - printf("Expect:9ea886efe268dbecce420c7524df32e0751a2a26\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey4,49); - sha1_write(&s, "Sample #4", 9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - // Long tests - printf("Test: FIPS 180-2 C.3 and RFC3174 7.3 TEST3\n"); - printf("Expect:34aa973cd4c4daa4f61eeb2bdbad27316534016f\n"); - printf("Result:"); - sha1_init(&s); - for (a=0; a<1000000; a++) sha1_writebyte(&s, 'a'); - printHash(sha1_result(&s)); - - return 0; -} -#endif /* self-test */ diff --git a/protocols/Twitter/src/utility.h b/protocols/Twitter/src/utility.h index 11d5b4f6ea..42d2313002 100644 --- a/protocols/Twitter/src/utility.h +++ b/protocols/Twitter/src/utility.h @@ -76,7 +76,6 @@ public: std::wstring OAuthCreateNonce();
std::wstring OAuthCreateTimestamp();
- std::string HMACSHA1( const std::string& keyBytes, const std::string& data );
std::wstring OAuthCreateSignature( const std::wstring& signatureBase, const std::wstring& consumerSecret, const std::wstring& requestTokenSecret );
protected:
|