From 623722f7cc4c20d2b7d8df03035801acacda6018 Mon Sep 17 00:00:00 2001 From: George Hazan Date: Thu, 15 Aug 2013 20:00:29 +0000 Subject: mir_sha1_byte_t => BYTE; mir_sha1_long_t => ULONG; mir_hmac_sha1 went to core git-svn-id: http://svn.miranda-ng.org/main/trunk@5707 1316c22d-e87f-b044-9b9b-93d7a3e3ba9c --- protocols/Twitter/src/oauth.cpp | 238 +--------------------------- protocols/Twitter/src/oauth/sha1.c | 317 ------------------------------------- protocols/Twitter/src/utility.h | 1 - 3 files changed, 4 insertions(+), 552 deletions(-) delete mode 100644 protocols/Twitter/src/oauth/sha1.c (limited to 'protocols/Twitter') diff --git a/protocols/Twitter/src/oauth.cpp b/protocols/Twitter/src/oauth.cpp index cfc4812191..7a9a761bb6 100644 --- a/protocols/Twitter/src/oauth.cpp +++ b/protocols/Twitter/src/oauth.cpp @@ -416,233 +416,6 @@ wstring mir_twitter::OAuthCreateTimestamp() return buf; } -string mir_twitter::HMACSHA1( const string& keyBytes, const string& data ) -{ - // based on http://msdn.microsoft.com/en-us/library/aa382379%28v=VS.85%29.aspx - - string hash; - - //-------------------------------------------------------------------- - // Declare variables. - // - // hProv: Handle to a cryptographic service provider (CSP). - // This example retrieves the default provider for - // the PROV_RSA_FULL provider type. - // hHash: Handle to the hash object needed to create a hash. - // hKey: Handle to a symmetric key. This example creates a - // key for the RC4 algorithm. - // hHmacHash: Handle to an HMAC hash. - // pbHash: Pointer to the hash. - // dwDataLen: Length, in bytes, of the hash. - // Data1: Password string used to create a symmetric key. - // Data2: Message string to be hashed. - // HmacInfo: Instance of an HMAC_INFO structure that contains - // information about the HMAC hash. - // - HCRYPTPROV hProv = NULL; - HCRYPTHASH hHash = NULL; - HCRYPTKEY hKey = NULL; - HCRYPTHASH hHmacHash = NULL; - PBYTE pbHash = NULL; - DWORD dwDataLen = 0; - //BYTE Data1[] = {0x70,0x61,0x73,0x73,0x77,0x6F,0x72,0x64}; - //BYTE Data2[] = {0x6D,0x65,0x73,0x73,0x61,0x67,0x65}; - HMAC_INFO HmacInfo; - - //-------------------------------------------------------------------- - // Zero the HMAC_INFO structure and use the SHA1 algorithm for - // hashing. - - ZeroMemory(&HmacInfo, sizeof(HmacInfo)); - HmacInfo.HashAlgid = CALG_SHA1; - - //-------------------------------------------------------------------- - // Acquire a handle to the default RSA cryptographic service provider. - - if (!CryptAcquireContext( - &hProv, // handle of the CSP - NULL, // key container name - NULL, // CSP name - PROV_RSA_FULL, // provider type - CRYPT_VERIFYCONTEXT)) // no key access is requested - { - _TRACE(" Error in AcquireContext 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - //-------------------------------------------------------------------- - // Derive a symmetric key from a hash object by performing the - // following steps: - // 1. Call CryptCreateHash to retrieve a handle to a hash object. - // 2. Call CryptHashData to add a text string (password) to the - // hash object. - // 3. Call CryptDeriveKey to create the symmetric key from the - // hashed password derived in step 2. - // You will use the key later to create an HMAC hash object. - - if (!CryptCreateHash( - hProv, // handle of the CSP - CALG_SHA1, // hash algorithm to use - 0, // hash key - 0, // reserved - &hHash)) // address of hash object handle - { - _TRACE("Error in CryptCreateHash 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - if (!CryptHashData( - hHash, // handle of the hash object - (BYTE*)keyBytes.c_str(), // password to hash - (DWORD)keyBytes.size(), // number of bytes of data to add - 0)) // flags - { - _TRACE("Error in CryptHashData 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - // key creation based on - // http://mirror.leaseweb.com/NetBSD/NetBSD-release-5-0/src/dist/wpa/src/crypto/crypto_cryptoapi.c - struct { - BLOBHEADER hdr; - DWORD len; - BYTE key[1024]; // TODO might want to dynamically allocate this, Should Be Fine though - } key_blob; - - key_blob.hdr.bType = PLAINTEXTKEYBLOB; - key_blob.hdr.bVersion = CUR_BLOB_VERSION; - key_blob.hdr.reserved = 0; - /* - * Note: RC2 is not really used, but that can be used to - * import HMAC keys of up to 16 byte long. - * CRYPT_IPSEC_HMAC_KEY flag for CryptImportKey() is needed to - * be able to import longer keys (HMAC-SHA1 uses 20-byte key). - */ - key_blob.hdr.aiKeyAlg = CALG_RC2; - key_blob.len = (DWORD)keyBytes.size(); - ZeroMemory(key_blob.key, sizeof(key_blob.key)); - - _ASSERTE(keyBytes.size() <= SIZEOF(key_blob.key)); - CopyMemory(key_blob.key, keyBytes.c_str(), min(keyBytes.size(), SIZEOF(key_blob.key))); - - if (!CryptImportKey( - hProv, - (BYTE *)&key_blob, - sizeof(key_blob), - 0, - CRYPT_IPSEC_HMAC_KEY, - &hKey)) - { - _TRACE("Error in CryptImportKey 0x%08x \n", GetLastError()); - goto ErrorExit; - } - - //-------------------------------------------------------------------- - // Create an HMAC by performing the following steps: - // 1. Call CryptCreateHash to create a hash object and retrieve - // a handle to it. - // 2. Call CryptSetHashParam to set the instance of the HMAC_INFO - // structure into the hash object. - // 3. Call CryptHashData to compute a hash of the message. - // 4. Call CryptGetHashParam to retrieve the size, in bytes, of - // the hash. - // 5. Call malloc to allocate memory for the hash. - // 6. Call CryptGetHashParam again to retrieve the HMAC hash. - - if (!CryptCreateHash( - hProv, // handle of the CSP. - CALG_HMAC, // HMAC hash algorithm ID - hKey, // key for the hash (see above) - 0, // reserved - &hHmacHash)) // address of the hash handle - { - _TRACE("Error in CryptCreateHash 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - if (!CryptSetHashParam( - hHmacHash, // handle of the HMAC hash object - HP_HMAC_INFO, // setting an HMAC_INFO object - (BYTE*)&HmacInfo, // the HMAC_INFO object - 0)) // reserved - { - _TRACE("Error in CryptSetHashParam 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - if (!CryptHashData( - hHmacHash, // handle of the HMAC hash object - (BYTE*)data.c_str(), // message to hash - (DWORD)data.size(), // number of bytes of data to add - 0)) // flags - { - _TRACE("Error in CryptHashData 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - //-------------------------------------------------------------------- - // Call CryptGetHashParam twice. Call it the first time to retrieve - // the size, in bytes, of the hash. Allocate memory. Then call - // CryptGetHashParam again to retrieve the hash value. - - if (!CryptGetHashParam( - hHmacHash, // handle of the HMAC hash object - HP_HASHVAL, // query on the hash value - NULL, // filled on second call - &dwDataLen, // length, in bytes, of the hash - 0)) - { - _TRACE("Error in CryptGetHashParam 0x%08x \n", - GetLastError()); - goto ErrorExit; - } - - pbHash = (BYTE*)malloc(dwDataLen); - if(NULL == pbHash) - { - _TRACE("unable to allocate memory\n"); - goto ErrorExit; - } - - if (!CryptGetHashParam( - hHmacHash, // handle of the HMAC hash object - HP_HASHVAL, // query on the hash value - pbHash, // pointer to the HMAC hash value - &dwDataLen, // length, in bytes, of the hash - 0)) - { - _TRACE("Error in CryptGetHashParam 0x%08x \n", GetLastError()); - goto ErrorExit; - } - - for(DWORD i = 0 ; i < dwDataLen ; i++) - { - hash.push_back((char)pbHash[i]); - } - - // Free resources. - // lol goto -ErrorExit: - if(hHmacHash) - CryptDestroyHash(hHmacHash); - if(hKey) - CryptDestroyKey(hKey); - if(hHash) - CryptDestroyHash(hHash); - if(hProv) - CryptReleaseContext(hProv, 0); - if(pbHash) - free(pbHash); - - return hash; -} - wstring mir_twitter::OAuthCreateSignature( const wstring& signatureBase, const wstring& consumerSecret, const wstring& requestTokenSecret ) { // URL encode key elements @@ -652,12 +425,9 @@ wstring mir_twitter::OAuthCreateSignature( const wstring& signatureBase, const w wstring key = escapedConsumerSecret + L"&" + escapedTokenSecret; string keyBytes = WideToUTF8(key); + BYTE digest[MIR_SHA1_HASH_SIZE]; string data = WideToUTF8(signatureBase); - string hash = HMACSHA1(keyBytes, data); - ptrA encoded( mir_base64_encode((PBYTE)hash.c_str(), (unsigned)hash.length())); - wstring signature = _A2T(encoded); - - // URL encode the returned signature - signature = UrlEncode(signature); - return signature; + mir_hmac_sha1(digest, (PBYTE)keyBytes.c_str(), keyBytes.size(), (PBYTE)data.c_str(), data.size()); + ptrA encoded( mir_base64_encode(digest, sizeof(digest))); + return UrlEncode((TCHAR*)_A2T(encoded)); } diff --git a/protocols/Twitter/src/oauth/sha1.c b/protocols/Twitter/src/oauth/sha1.c deleted file mode 100644 index c3189008ac..0000000000 --- a/protocols/Twitter/src/oauth/sha1.c +++ /dev/null @@ -1,317 +0,0 @@ -/* This code is public-domain - it is based on libcrypt - * placed in the public domain by Wei Dai and other contributors. - */ -// gcc -Wall -DSHA1TEST -o sha1test sha1.c && ./sha1test - -#include -#include - -/* header */ - -#define HASH_LENGTH 20 -#define BLOCK_LENGTH 64 - -union _buffer { - uint8_t b[BLOCK_LENGTH]; - uint32_t w[BLOCK_LENGTH/4]; -}; - -union _state { - uint8_t b[HASH_LENGTH]; - uint32_t w[HASH_LENGTH/4]; -}; - -typedef struct sha1nfo { - union _buffer buffer; - uint8_t bufferOffset; - union _state state; - uint32_t byteCount; - uint8_t keyBuffer[BLOCK_LENGTH]; - uint8_t innerHash[HASH_LENGTH]; -} sha1nfo; - -/* public API - prototypes - TODO: doxygen*/ - -/** - */ -void sha1_init(sha1nfo *s); -/** - */ -void sha1_writebyte(sha1nfo *s, uint8_t data); -/** - */ -void sha1_write(sha1nfo *s, const char *data, size_t len); -/** - */ -uint8_t* sha1_result(sha1nfo *s); -/** - */ -void sha1_initHmac(sha1nfo *s, const uint8_t* key, int keyLength); -/** - */ -uint8_t* sha1_resultHmac(sha1nfo *s); - - -/* code */ -#define SHA1_K0 0x5a827999 -#define SHA1_K20 0x6ed9eba1 -#define SHA1_K40 0x8f1bbcdc -#define SHA1_K60 0xca62c1d6 - -const uint8_t sha1InitState[] = { - 0x01,0x23,0x45,0x67, // H0 - 0x89,0xab,0xcd,0xef, // H1 - 0xfe,0xdc,0xba,0x98, // H2 - 0x76,0x54,0x32,0x10, // H3 - 0xf0,0xe1,0xd2,0xc3 // H4 -}; - -void sha1_init(sha1nfo *s) { - memcpy(s->state.b,sha1InitState,HASH_LENGTH); - s->byteCount = 0; - s->bufferOffset = 0; -} - -uint32_t sha1_rol32(uint32_t number, uint8_t bits) { - return ((number << bits) | (number >> (32-bits))); -} - -void sha1_hashBlock(sha1nfo *s) { - uint8_t i; - uint32_t a,b,c,d,e,t; - - a=s->state.w[0]; - b=s->state.w[1]; - c=s->state.w[2]; - d=s->state.w[3]; - e=s->state.w[4]; - for (i=0; i<80; i++) { - if (i>=16) { - t = s->buffer.w[(i+13)&15] ^ s->buffer.w[(i+8)&15] ^ s->buffer.w[(i+2)&15] ^ s->buffer.w[i&15]; - s->buffer.w[i&15] = sha1_rol32(t,1); - } - if (i<20) { - t = (d ^ (b & (c ^ d))) + SHA1_K0; - } else if (i<40) { - t = (b ^ c ^ d) + SHA1_K20; - } else if (i<60) { - t = ((b & c) | (d & (b | c))) + SHA1_K40; - } else { - t = (b ^ c ^ d) + SHA1_K60; - } - t+=sha1_rol32(a,5) + e + s->buffer.w[i&15]; - e=d; - d=c; - c=sha1_rol32(b,30); - b=a; - a=t; - } - s->state.w[0] += a; - s->state.w[1] += b; - s->state.w[2] += c; - s->state.w[3] += d; - s->state.w[4] += e; -} - -void sha1_addUncounted(sha1nfo *s, uint8_t data) { - s->buffer.b[s->bufferOffset ^ 3] = data; - s->bufferOffset++; - if (s->bufferOffset == BLOCK_LENGTH) { - sha1_hashBlock(s); - s->bufferOffset = 0; - } -} - -void sha1_writebyte(sha1nfo *s, uint8_t data) { - ++s->byteCount; - sha1_addUncounted(s, data); -} - -void sha1_write(sha1nfo *s, const char *data, size_t len) { - for (;len--;) sha1_writebyte(s, (uint8_t) *data++); -} - -void sha1_pad(sha1nfo *s) { - // Implement SHA-1 padding (fips180-2 ยง5.1.1) - - // Pad with 0x80 followed by 0x00 until the end of the block - sha1_addUncounted(s, 0x80); - while (s->bufferOffset != 56) sha1_addUncounted(s, 0x00); - - // Append length in the last 8 bytes - sha1_addUncounted(s, 0); // We're only using 32 bit lengths - sha1_addUncounted(s, 0); // But SHA-1 supports 64 bit lengths - sha1_addUncounted(s, 0); // So zero pad the top bits - sha1_addUncounted(s, s->byteCount >> 29); // Shifting to multiply by 8 - sha1_addUncounted(s, s->byteCount >> 21); // as SHA-1 supports bitstreams as well as - sha1_addUncounted(s, s->byteCount >> 13); // byte. - sha1_addUncounted(s, s->byteCount >> 5); - sha1_addUncounted(s, s->byteCount << 3); -} - -uint8_t* sha1_result(sha1nfo *s) { - int i; - // Pad to complete the last block - sha1_pad(s); - - // Swap byte order back - for (i=0; i<5; i++) { - uint32_t a,b; - a=s->state.w[i]; - b=a<<24; - b|=(a<<8) & 0x00ff0000; - b|=(a>>8) & 0x0000ff00; - b|=a>>24; - s->state.w[i]=b; - } - - // Return pointer to hash (20 characters) - return s->state.b; -} - -#define HMAC_IPAD 0x36 -#define HMAC_OPAD 0x5c - -void sha1_initHmac(sha1nfo *s, const uint8_t* key, int keyLength) { - uint8_t i; - memset(s->keyBuffer, 0, BLOCK_LENGTH); - if (keyLength > BLOCK_LENGTH) { - // Hash long keys - sha1_init(s); - for (;keyLength--;) sha1_writebyte(s, *key++); - memcpy(s->keyBuffer, sha1_result(s), HASH_LENGTH); - } else { - // Block length keys are used as is - memcpy(s->keyBuffer, key, keyLength); - } - // Start inner hash - sha1_init(s); - for (i=0; ikeyBuffer[i] ^ HMAC_IPAD); - } -} - -uint8_t* sha1_resultHmac(sha1nfo *s) { - uint8_t i; - // Complete inner hash - memcpy(s->innerHash,sha1_result(s),HASH_LENGTH); - // Calculate outer hash - sha1_init(s); - for (i=0; ikeyBuffer[i] ^ HMAC_OPAD); - for (i=0; iinnerHash[i]); - return sha1_result(s); -} - -/* self-test */ - -#if SHA1TEST -#include - -uint8_t hmacKey1[]={ - 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f, - 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f, - 0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f, - 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3a,0x3b,0x3c,0x3d,0x3e,0x3f -}; -uint8_t hmacKey2[]={ - 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3a,0x3b,0x3c,0x3d,0x3e,0x3f, - 0x40,0x41,0x42,0x43 -}; -uint8_t hmacKey3[]={ - 0x50,0x51,0x52,0x53,0x54,0x55,0x56,0x57,0x58,0x59,0x5a,0x5b,0x5c,0x5d,0x5e,0x5f, - 0x60,0x61,0x62,0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6a,0x6b,0x6c,0x6d,0x6e,0x6f, - 0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7a,0x7b,0x7c,0x7d,0x7e,0x7f, - 0x80,0x81,0x82,0x83,0x84,0x85,0x86,0x87,0x88,0x89,0x8a,0x8b,0x8c,0x8d,0x8e,0x8f, - 0x90,0x91,0x92,0x93,0x94,0x95,0x96,0x97,0x98,0x99,0x9a,0x9b,0x9c,0x9d,0x9e,0x9f, - 0xa0,0xa1,0xa2,0xa3,0xa4,0xa5,0xa6,0xa7,0xa8,0xa9,0xaa,0xab,0xac,0xad,0xae,0xaf, - 0xb0,0xb1,0xb2,0xb3 -}; -uint8_t hmacKey4[]={ - 0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7a,0x7b,0x7c,0x7d,0x7e,0x7f, - 0x80,0x81,0x82,0x83,0x84,0x85,0x86,0x87,0x88,0x89,0x8a,0x8b,0x8c,0x8d,0x8e,0x8f, - 0x90,0x91,0x92,0x93,0x94,0x95,0x96,0x97,0x98,0x99,0x9a,0x9b,0x9c,0x9d,0x9e,0x9f, - 0xa0 -}; - -void printHash(uint8_t* hash) { - int i; - for (i=0; i<20; i++) { - printf("%02x", hash[i]); - } - printf("\n"); -} - - -int main (int argc, char **argv) { - uint32_t a; - sha1nfo s; - - // SHA tests - printf("Test: FIPS 180-2 C.1 and RFC3174 7.3 TEST1\n"); - printf("Expect:a9993e364706816aba3e25717850c26c9cd0d89d\n"); - printf("Result:"); - sha1_init(&s); - sha1_write(&s, "abc", 3); - printHash(sha1_result(&s)); - printf("\n\n"); - - printf("Test: FIPS 180-2 C.2 and RFC3174 7.3 TEST2\n"); - printf("Expect:84983e441c3bd26ebaae4aa1f95129e5e54670f1\n"); - printf("Result:"); - sha1_init(&s); - sha1_write(&s, "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56); - printHash(sha1_result(&s)); - printf("\n\n"); - - printf("Test: RFC3174 7.3 TEST4\n"); - printf("Expect:dea356a2cddd90c7a7ecedc5ebb563934f460452\n"); - printf("Result:"); - sha1_init(&s); - for (a=0; a<80; a++) sha1_write(&s, "01234567", 8); - printHash(sha1_result(&s)); - printf("\n\n"); - - // HMAC tests - printf("Test: FIPS 198a A.1\n"); - printf("Expect:4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey1, 64); - sha1_write(&s, "Sample #1",9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - printf("Test: FIPS 198a A.2\n"); - printf("Expect:0922d3405faa3d194f82a45830737d5cc6c75d24\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey2, 20); - sha1_write(&s, "Sample #2", 9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - printf("Test: FIPS 198a A.3\n"); - printf("Expect:bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey3,100); - sha1_write(&s, "Sample #3", 9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - printf("Test: FIPS 198a A.4\n"); - printf("Expect:9ea886efe268dbecce420c7524df32e0751a2a26\n"); - printf("Result:"); - sha1_initHmac(&s, hmacKey4,49); - sha1_write(&s, "Sample #4", 9); - printHash(sha1_resultHmac(&s)); - printf("\n\n"); - - // Long tests - printf("Test: FIPS 180-2 C.3 and RFC3174 7.3 TEST3\n"); - printf("Expect:34aa973cd4c4daa4f61eeb2bdbad27316534016f\n"); - printf("Result:"); - sha1_init(&s); - for (a=0; a<1000000; a++) sha1_writebyte(&s, 'a'); - printHash(sha1_result(&s)); - - return 0; -} -#endif /* self-test */ diff --git a/protocols/Twitter/src/utility.h b/protocols/Twitter/src/utility.h index 11d5b4f6ea..42d2313002 100644 --- a/protocols/Twitter/src/utility.h +++ b/protocols/Twitter/src/utility.h @@ -76,7 +76,6 @@ public: std::wstring OAuthCreateNonce(); std::wstring OAuthCreateTimestamp(); - std::string HMACSHA1( const std::string& keyBytes, const std::string& data ); std::wstring OAuthCreateSignature( const std::wstring& signatureBase, const std::wstring& consumerSecret, const std::wstring& requestTokenSecret ); protected: -- cgit v1.2.3