-rw-r--r-- | lib/util.cc | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/lib/util.cc b/lib/util.cc index b85a377..bb8a2e8 100644 --- a/lib/util.cc +++ b/lib/util.cc @@ -1,38 +1,40 @@ #include <errno.h> #include <cassert> #include <cctype> #include <cstring> #include <vector> #include <string> #include <stack> #include <algorithm> #include <openssl/bio.h> #include <openssl/evp.h> +#include <openssl/sha.h> #include <openssl/hmac.h> #include <curl/curl.h> -#include "opkele/util.h" -#include "opkele/exception.h" +#include <opkele/util.h> +#include <opkele/exception.h> +#include <opkele/debug.h> #include <config.h> #ifdef HAVE_DEMANGLE # include <cxxabi.h> #endif namespace opkele { using namespace std; namespace util { /* * base64 */ string encode_base64(const void *data,size_t length) { BIO *b64 = 0, *bmem = 0; try { b64 = BIO_new(BIO_f_base64()); if(!b64) throw exception_openssl(OPKELE_CP_ "failed to BIO_new() base64 encoder"); BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL); bmem = BIO_new(BIO_s_mem()); BIO_set_flags(b64,BIO_CLOSE); if(!bmem) @@ -399,34 +401,35 @@ namespace opkele { const string& slist = om.get_field("signed"); string kv; string::size_type p=0; while(true) { string::size_type co = slist.find(',',p); string f = (co==string::npos) ?slist.substr(p):slist.substr(p,co-p); kv += f; kv += ':'; kv += om.get_field(f); kv += '\n'; if(co==string::npos) break; p = co+1; } const secret_t& secret = assoc->secret(); const EVP_MD *evpmd; const string& at = assoc->assoc_type(); if(at=="HMAC-SHA256") evpmd = EVP_sha256(); else if(at=="HMAC-SHA1") evpmd = EVP_sha1(); else throw unsupported(OPKELE_CP_ "unknown association type"); unsigned int md_len = 0; - unsigned char *md = HMAC(evpmd, + unsigned char md[SHA256_DIGEST_LENGTH]; + HMAC(evpmd, &(secret.front()),secret.size(), (const unsigned char*)kv.data(),kv.length(), - 0,&md_len); + md,&md_len); return encode_base64(md,md_len); } } } |