Use HMAC glib implementation instead of rolling our own

https://bugzilla.gnome.org/show_bug.cgi?id=658725

8 files changed, 5 insertions, 140 deletions

diff --git a/configure.ac b/configure.ac
index f1105ae..680ade1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -40,7 +40,7 @@ AM_PROG_CC_C_O
 LT_PREREQ([2.2.6])
 LT_INIT([disable-static])
 
-PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.24)
+PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.30)
 PKG_CHECK_MODULES(SOUP, libsoup-2.4)
 PKG_CHECK_MODULES(XML, libxml-2.0)
 PKG_CHECK_MODULES(GTHREAD, gthread-2.0)
diff --git a/rest-extras/flickr-proxy-call.c b/rest-extras/flickr-proxy-call.c
index a9bc6f7..51881dd 100644
--- a/rest-extras/flickr-proxy-call.c
+++ b/rest-extras/flickr-proxy-call.c
@@ -26,7 +26,6 @@
 #include "flickr-proxy-call.h"
 #include "flickr-proxy-private.h"
 #include "rest/rest-proxy-call-private.h"
-#include "rest/sha1.h"
 
 G_DEFINE_TYPE (FlickrProxyCall, flickr_proxy_call, REST_TYPE_PROXY_CALL)
 
diff --git a/rest-extras/lastfm-proxy-call.c b/rest-extras/lastfm-proxy-call.c
index 5e04038..afc7288 100644
--- a/rest-extras/lastfm-proxy-call.c
+++ b/rest-extras/lastfm-proxy-call.c
@@ -27,7 +27,6 @@
 #include "lastfm-proxy-call.h"
 #include "lastfm-proxy-private.h"
 #include "rest/rest-proxy-call-private.h"
-#include "rest/sha1.h"
 
 G_DEFINE_TYPE (LastfmProxyCall, lastfm_proxy_call, REST_TYPE_PROXY_CALL)
 
diff --git a/rest/Makefile.am b/rest/Makefile.am
index e8a313f..35067c5 100644
--- a/rest/Makefile.am
+++ b/rest/Makefile.am
@@ -18,9 +18,7 @@ lib_sources = \
 	oauth-proxy-private.h 		\
 	oauth2-proxy.c			\
 	oauth2-proxy-call.c		\
-	oauth2-proxy-private.h 		\
-	sha1.c				\
-	sha1.h
+	oauth2-proxy-private.h
 lib_headers = \
 	rest-param.h		\
 	rest-params.h		\
diff --git a/rest/oauth-proxy-call.c b/rest/oauth-proxy-call.c
index d8cff95..c9d1ecd 100644
--- a/rest/oauth-proxy-call.c
+++ b/rest/oauth-proxy-call.c
@@ -26,7 +26,6 @@
 #include "oauth-proxy-call.h"
 #include "oauth-proxy-private.h"
 #include "rest-proxy-call-private.h"
-#include "sha1.h"
 
 G_DEFINE_TYPE (OAuthProxyCall, oauth_proxy_call, REST_TYPE_PROXY_CALL)
 
@@ -163,8 +162,9 @@ sign_hmac (OAuthProxy *proxy, RestProxyCall *call, GHashTable *oauth_params)
   /* PLAINTEXT signature value is the HMAC-SHA1 key value */
   key = sign_plaintext (priv);
 
-  signature = hmac_sha1 (key, text->str);
-
+  signature = g_compute_hmac_for_string (G_CHECKSUM_SHA1,
+                                         (guchar *)key, strlen (key),
+                                         text->str, -1);
   g_free (key);
   g_string_free (text, TRUE);
 
diff --git a/rest/oauth2-proxy-call.c b/rest/oauth2-proxy-call.c
index f0d441c..87ad8f7 100644
--- a/rest/oauth2-proxy-call.c
+++ b/rest/oauth2-proxy-call.c
@@ -27,7 +27,6 @@
 #include "oauth2-proxy-call.h"
 #include "oauth2-proxy-private.h"
 #include "rest-proxy-call-private.h"
-#include "sha1.h"
 
 G_DEFINE_TYPE (OAuth2ProxyCall, oauth2_proxy_call, REST_TYPE_PROXY_CALL)
 
diff --git a/rest/sha1.c b/rest/sha1.c
deleted file mode 100644
index b2f4f0b..0000000
--- a/rest/sha1.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * librest - RESTful web services access
- * Copyright (c) 2008, 2009, Intel Corporation.
- *
- * Authors: Ross Burton <ross@linux.intel.com>
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms and conditions of the GNU Lesser General Public License,
- * version 2.1, as published by the Free Software Foundation.
- *
- * This program is distributed in the hope it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for
- * more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
- *
- */
-
-#include <string.h>
-#include <glib.h>
-#include "sha1.h"
-
-#define SHA1_BLOCK_SIZE 64
-#define SHA1_LENGTH 20
-
-/*
- * hmac_sha1:
- * @key: The key
- * @message: The message
- *
- * Given the key and message, compute the HMAC-SHA1 hash and return the base-64
- * encoding of it.  This is very geared towards OAuth, and as such both key and
- * message must be NULL-terminated strings, and the result is base-64 encoded.
- */
-char *
-hmac_sha1 (const char *key, const char *message)
-{
-  GChecksum *checksum;
-  char *real_key;
-  guchar ipad[SHA1_BLOCK_SIZE];
-  guchar opad[SHA1_BLOCK_SIZE];
-  guchar inner[SHA1_LENGTH];
-  guchar digest[SHA1_LENGTH];
-  gsize key_length, inner_length, digest_length;
-  int i;
-
-  g_return_val_if_fail (key, NULL);
-  g_return_val_if_fail (message, NULL);
-
-  checksum = g_checksum_new (G_CHECKSUM_SHA1);
-
-  /* If the key is longer than the block size, hash it first */
-  if (strlen (key) > SHA1_BLOCK_SIZE) {
-    guchar new_key[SHA1_LENGTH];
-
-    key_length = sizeof (new_key);
-
-    g_checksum_update (checksum, (guchar*)key, strlen (key));
-    g_checksum_get_digest (checksum, new_key, &key_length);
-    g_checksum_reset (checksum);
-
-    real_key = g_memdup (new_key, key_length);
-  } else {
-    real_key = g_strdup (key);
-    key_length = strlen (key);
-  }
-
-  /* Sanity check the length */
-  g_assert (key_length <= SHA1_BLOCK_SIZE);
-
-  /* Protect against use of the provided key by NULLing it */
-  key = NULL;
-
-  /* Stage 1 */
-  memset (ipad, 0, sizeof (ipad));
-  memset (opad, 0, sizeof (opad));
-
-  memcpy (ipad, real_key, key_length);
-  memcpy (opad, real_key, key_length);
-
-  /* Stage 2 and 5 */
-  for (i = 0; i < sizeof (ipad); i++) {
-    ipad[i] ^= 0x36;
-    opad[i] ^= 0x5C;
-  }
-
-  /* Stage 3 and 4 */
-  g_checksum_update (checksum, ipad, sizeof (ipad));
-  g_checksum_update (checksum, (guchar*)message, strlen (message));
-  inner_length = sizeof (inner);
-  g_checksum_get_digest (checksum, inner, &inner_length);
-  g_checksum_reset (checksum);
-
-  /* Stage 6 and 7 */
-  g_checksum_update (checksum, opad, sizeof (opad));
-  g_checksum_update (checksum, inner, inner_length);
-
-  digest_length = sizeof (digest);
-  g_checksum_get_digest (checksum, digest, &digest_length);
-
-  g_checksum_free (checksum);
-  g_free (real_key);
-
-  return g_base64_encode (digest, digest_length);
-}
diff --git a/rest/sha1.h b/rest/sha1.h
deleted file mode 100644
index 3538e21..0000000
--- a/rest/sha1.h
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * librest - RESTful web services access
- * Copyright (c) 2008, 2009, Intel Corporation.
- *
- * Authors: Ross Burton <ross@linux.intel.com>
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms and conditions of the GNU Lesser General Public License,
- * version 2.1, as published by the Free Software Foundation.
- *
- * This program is distributed in the hope it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for
- * more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
- *
- */
-
-char * hmac_sha1 (const char *key, const char *message);