Ur/Web OpenID Library: src/c/openid.c annotate

annotate src/c/openid.c @ 27:f129ddee75f3

Some XRDS fixes; ignore query strings in naming endpoints for association purposes

author	Adam Chlipala <adam@chlipala.net>
date	Sun, 23 Jan 2011 17:40:42 -0500
parents	ee97bc0e08fa
children	8d23d76b5d48

rev	line source
adam@14	1 #include <ctype.h>
adam@1	2 #include <string.h>
adam@1	3
adam@6	4 #include <openssl/bio.h>
adam@6	5 #include <openssl/evp.h>
adam@6	6 #include <openssl/buffer.h>
adam@0	7 #include <openssl/sha.h>
adam@7	8 #include <openssl/hmac.h>
adam@8	9 #include <openssl/dh.h>
adam@0	10 #include <curl/curl.h>
adam@1	11 #include <expat.h>
adam@0	12
adam@26	13 #include <pthread.h>
adam@26	14
adam@1	15 #include <openid.h>
adam@0	16
adam@3	17 #define BUF_MAX 10240
adam@3	18 #define BUF_INIT 1024
adam@3	19
adam@26	20 #define DEFAULT_PRIME "DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB"
adam@26	21 #define DEFAULT_GENERATOR "2"
adam@26	22
adam@26	23 static BIGNUM default_prime, default_generator;
adam@2	24
adam@2	25 uw_Basis_string uw_OpenidFfi_endpoint(uw_context ctx, uw_OpenidFfi_discovery d) {
adam@8	26 return d.endpoint;
adam@2	27 }
adam@2	28
adam@2	29 uw_Basis_string uw_OpenidFfi_localId(uw_context ctx, uw_OpenidFfi_discovery d) {
adam@8	30 return d.localId;
adam@2	31 }
adam@2	32
adam@26	33 static pthread_mutex_t *locks;
adam@26	34
adam@26	35 static void locking_function(int mode, int n, const char *file, int line) {
adam@26	36 if (mode & CRYPTO_LOCK)
adam@26	37 pthread_mutex_lock(&locks[n]);
adam@26	38 else
adam@26	39 pthread_mutex_unlock(&locks[n]);
adam@26	40 }
adam@26	41
adam@26	42 static unsigned long id_function() {
adam@26	43 return pthread_self();
adam@26	44 }
adam@26	45
adam@0	46 uw_unit uw_OpenidFfi_init(uw_context ctx) {
adam@26	47 int nl = CRYPTO_num_locks(), i;
adam@26	48 locks = malloc(sizeof(pthread_mutex_t) * nl);
adam@26	49 for (i = 0; i < nl; ++i)
adam@26	50 pthread_mutex_init(&locks[i], NULL);
adam@26	51
adam@26	52 CRYPTO_set_locking_callback(locking_function);
adam@26	53 CRYPTO_set_id_callback(id_function);
adam@0	54 curl_global_init(CURL_GLOBAL_ALL);
adam@0	55
adam@26	56 BN_hex2bn(&default_prime, DEFAULT_PRIME);
adam@26	57 BN_dec2bn(&default_generator, DEFAULT_GENERATOR);
adam@26	58
adam@0	59 return uw_unit_v;
adam@0	60 }
adam@1	61
adam@1	62 static CURL *curl(uw_context ctx) {
adam@1	63 CURL *r;
adam@1	64
adam@1	65 if (!(r = uw_get_global(ctx, "curl"))) {
adam@1	66 r = curl_easy_init();
adam@1	67 if (r)
adam@1	68 uw_set_global(ctx, "curl", r, curl_easy_cleanup);
adam@1	69 }
adam@1	70
adam@1	71 return r;
adam@1	72 }
adam@1	73
adam@26	74 typedef enum { NONE, SERVICE, TYPE, MATCHED, URI } xrds_mode;
adam@26	75
adam@1	76 typedef struct {
adam@1	77 uw_context ctx;
adam@8	78 uw_OpenidFfi_discovery *d;
adam@26	79 xrds_mode mode;
adam@27	80 int cur_priority, max_priority;
adam@1	81 } endpoint;
adam@1	82
adam@1	83 static void XMLCALL startElement(void userData, const XML_Char name, const XML_Char **atts) {
adam@1	84 endpoint *ep = userData;
adam@1	85
adam@26	86 if (!strncmp(name, "xrd:", 4))
adam@26	87 name += 4;
adam@26	88
adam@1	89 if (!strcmp(name, "link")) {
adam@1	90 const XML_Char **attp;
adam@1	91 int found = 0;
adam@1	92
adam@1	93 for (attp = atts; *attp; attp += 2) {
adam@1	94 if (!strcmp(attp[0], "rel") && !strcmp(attp[1], "openid2.provider")) {
adam@1	95 found = 1;
adam@1	96 break;
adam@1	97 }
adam@1	98 }
adam@1	99
adam@1	100 if (found) {
adam@1	101 for (attp = atts; *attp; attp += 2) {
adam@1	102 if (!strcmp(attp[0], "href")) {
adam@2	103 ep->d->endpoint = uw_strdup(ep->ctx, attp[1]);
adam@1	104 return;
adam@1	105 }
adam@1	106 }
adam@1	107 }
adam@1	108 }
adam@27	109 else if (!strcmp(name, "Service")) {
adam@27	110 const XML_Char **attp;
adam@27	111
adam@27	112 ep->cur_priority = 0;
adam@27	113 for (attp = atts; *attp; attp += 2)
adam@27	114 if (!strcmp(attp[0], "priority")) {
adam@27	115 ep->cur_priority = atoi(attp[1]);
adam@27	116 break;
adam@27	117 }
adam@27	118
adam@26	119 ep->mode = SERVICE;
adam@27	120 } else if (!strcmp(name, "Type")) {
adam@26	121 if (ep->mode == SERVICE)
adam@26	122 ep->mode = TYPE;
adam@26	123 }
adam@26	124 else if (!strcmp(name, "URI")) {
adam@26	125 if (ep->mode == MATCHED)
adam@26	126 ep->mode = URI;
adam@26	127 }
adam@26	128 }
adam@26	129
adam@26	130 static char server[] = "http://specs.openid.net/auth/2.0/server";
adam@26	131 static char signon[] = "http://specs.openid.net/auth/2.0/signon";
adam@26	132
adam@26	133 static void XMLCALL cdata(void userData, const XML_Char s, int len) {
adam@26	134 endpoint *ep = userData;
adam@26	135
adam@26	136 switch (ep->mode) {
adam@26	137 case TYPE:
adam@26	138 if ((len == sizeof(server)-1 && !memcmp(server, s, sizeof(server)-1))
adam@26	139 \|\| (len == sizeof(signon)-1 && !memcmp(signon, s, sizeof(signon)-1)))
adam@26	140 ep->mode = MATCHED;
adam@26	141 break;
adam@26	142 case URI:
adam@27	143 if (ep->cur_priority < ep->max_priority) {
adam@27	144 ep->d->endpoint = uw_malloc(ep->ctx, len+1);
adam@27	145 memcpy(ep->d->endpoint, s, len);
adam@27	146 ep->d->endpoint[len] = 0;
adam@27	147 ep->max_priority = ep->cur_priority;
adam@27	148 }
adam@26	149 break;
adam@26	150 default:
adam@26	151 break;
adam@26	152 }
adam@26	153 }
adam@26	154
adam@26	155 static void XMLCALL endElement(void userData, const XML_Char name) {
adam@26	156 endpoint *ep = userData;
adam@26	157
adam@26	158 if (!strncmp(name, "xrd:", 4))
adam@26	159 name += 4;
adam@26	160
adam@26	161 if (!strcmp(name, "Service"))
adam@26	162 ep->mode = NONE;
adam@26	163 else if (!strcmp(name, "Type")) {
adam@26	164 if (ep->mode != MATCHED)
adam@26	165 ep->mode = SERVICE;
adam@26	166 }
adam@26	167 else if (!strcmp(name, "URI"))
adam@26	168 ep->mode = MATCHED;
adam@1	169 }
adam@1	170
adam@1	171 typedef struct {
adam@1	172 XML_Parser parser;
adam@1	173 int any_errors;
adam@3	174 } curl_discovery_data;
adam@1	175
adam@3	176 static size_t write_discovery_data(void buffer, size_t size, size_t nmemb, void userp) {
adam@3	177 curl_discovery_data *d = userp;
adam@1	178
adam@1	179 if (!XML_Parse(d->parser, buffer, size * nmemb, 0))
adam@1	180 d->any_errors = 1;
adam@1	181
adam@1	182 return size * nmemb;
adam@1	183 }
adam@1	184
adam@2	185 uw_OpenidFfi_discovery *uw_OpenidFfi_discover(uw_context ctx, uw_Basis_string id) {
adam@1	186 char *s;
adam@1	187 CURL *c = curl(ctx);
adam@3	188 curl_discovery_data cd = {};
adam@8	189 uw_OpenidFfi_discovery *dy = uw_malloc(ctx, sizeof(uw_OpenidFfi_discovery));
adam@27	190 endpoint ep = {ctx, dy, NONE, 0, INT_MAX};
adam@1	191 CURLcode code;
adam@27	192 struct curl_slist *headers = NULL;
adam@1	193
adam@2	194 dy->endpoint = dy->localId = NULL;
adam@2	195
adam@1	196 if (!strchr(id, ':')) {
adam@1	197 id = uw_Basis_strcat(ctx, "http://", id);
adam@1	198 if ((s = strchr(id, '#')) != NULL)
adam@1	199 *s = 0;
adam@1	200 } else if ((s = strchr(id, '#')) != NULL) {
adam@1	201 char *id2 = uw_malloc(ctx, s - id + 1);
adam@1	202 memcpy(id2, s, s - id);
adam@1	203 id2[s - id] = 0;
adam@1	204 id = id2;
adam@1	205 }
adam@1	206
adam@1	207 cd.parser = XML_ParserCreate(NULL);
adam@1	208 XML_SetUserData(cd.parser, &ep);
adam@1	209 uw_push_cleanup(ctx, (void ()(void ))XML_ParserFree, cd.parser);
adam@26	210 XML_SetElementHandler(cd.parser, startElement, endElement);
adam@26	211 XML_SetCharacterDataHandler(cd.parser, cdata);
adam@1	212
adam@26	213 curl_easy_reset(c);
adam@1	214 curl_easy_setopt(c, CURLOPT_URL, id);
adam@3	215 curl_easy_setopt(c, CURLOPT_WRITEFUNCTION, write_discovery_data);
adam@1	216 curl_easy_setopt(c, CURLOPT_WRITEDATA, &cd);
adam@27	217 curl_slist_append(headers, "Accept: application/xrds+xml");
adam@27	218 uw_push_cleanup(ctx, (void ()(void ))curl_slist_free_all, headers);
adam@27	219 curl_easy_setopt(c, CURLOPT_HTTPHEADER, headers);
adam@1	220
adam@1	221 code = curl_easy_perform(c);
adam@1	222 uw_pop_cleanup(ctx);
adam@27	223 uw_pop_cleanup(ctx);
adam@1	224
adam@8	225 if (code \|\| !dy->endpoint)
adam@1	226 return NULL;
adam@8	227 else
adam@8	228 return dy;
adam@1	229 }
adam@3	230
adam@3	231 uw_OpenidFfi_inputs uw_OpenidFfi_createInputs(uw_context ctx) {
adam@3	232 uw_buffer *r = uw_malloc(ctx, sizeof(uw_buffer));
adam@3	233 uw_buffer_init(BUF_MAX, r, BUF_INIT);
adam@3	234 return r;
adam@3	235 }
adam@3	236
adam@8	237 static void postify(uw_OpenidFfi_inputs buf, uw_Basis_string s) {
adam@14	238 char hex[4];
adam@14	239
adam@8	240 for (; *s; ++s) {
adam@14	241 if (isalnum(*s))
adam@14	242 uw_buffer_append(buf, s, 1);
adam@14	243 else {
adam@14	244 sprintf(hex, "%%%02X", (unsigned char)*s);
adam@14	245 uw_buffer_append(buf, hex, 3);
adam@14	246 }
adam@8	247 }
adam@3	248 }
adam@3	249
adam@3	250 uw_unit uw_OpenidFfi_addInput(uw_context ctx, uw_OpenidFfi_inputs buf, uw_Basis_string key, uw_Basis_string value) {
adam@3	251 if (uw_buffer_used(buf) > 0)
adam@3	252 uw_buffer_append(buf, "&", 1);
adam@3	253
adam@14	254 uw_buffer_append(buf, key, strlen(key));
adam@3	255 uw_buffer_append(buf, "=", 1);
adam@8	256 postify(buf, value);
adam@3	257
adam@3	258 return uw_unit_v;
adam@3	259 }
adam@3	260
adam@3	261 uw_Basis_string uw_OpenidFfi_getOutput(uw_context ctx, uw_OpenidFfi_outputs buf, uw_Basis_string key) {
adam@3	262 char *s = buf->start;
adam@3	263
adam@3	264 for (; *s; s = strchr(strchr(s, 0)+1, 0)+1)
adam@3	265 if (!strcmp(key, s))
adam@3	266 return strchr(s, 0)+1;
adam@3	267
adam@3	268 return NULL;
adam@3	269 }
adam@3	270
adam@27	271 uw_unit uw_OpenidFfi_printOutputs(uw_context ctx, uw_OpenidFfi_outputs buf) {
adam@27	272 char *s = buf->start;
adam@27	273
adam@27	274 for (; *s; s = strchr(strchr(s, 0)+1, 0)+1)
adam@27	275 fprintf(stderr, "%s => %s\n", s, strchr(s, 0)+1);
adam@27	276
adam@27	277 return uw_unit_v;
adam@27	278 }
adam@27	279
adam@3	280 static size_t write_buffer_data(void buffer, size_t size, size_t nmemb, void userp) {
adam@3	281 uw_buffer *buf = userp;
adam@3	282
adam@3	283 uw_buffer_append(buf, buffer, size * nmemb);
adam@3	284
adam@3	285 return size * nmemb;
adam@3	286 }
adam@3	287
adam@3	288 const char curl_failure[] = "error\0Error fetching URL";
adam@3	289
adam@4	290 uw_OpenidFfi_outputs uw_OpenidFfi_direct(uw_context ctx, uw_Basis_string url, uw_OpenidFfi_inputs inps) {
adam@3	291 uw_buffer *buf = uw_malloc(ctx, sizeof(uw_buffer));
adam@3	292 CURL *c = curl(ctx);
adam@3	293 CURLcode code;
adam@3	294
adam@3	295 uw_buffer_init(BUF_MAX, buf, BUF_INIT);
adam@3	296
adam@3	297 uw_buffer_append(inps, "", 1);
adam@3	298
adam@26	299 curl_easy_reset(c);
adam@3	300 curl_easy_setopt(c, CURLOPT_URL, url);
adam@3	301 curl_easy_setopt(c, CURLOPT_POSTFIELDS, inps->start);
adam@3	302 curl_easy_setopt(c, CURLOPT_WRITEFUNCTION, write_buffer_data);
adam@3	303 curl_easy_setopt(c, CURLOPT_WRITEDATA, buf);
adam@3	304
adam@3	305 code = curl_easy_perform(c);
adam@3	306 uw_buffer_append(buf, "", 1);
adam@3	307
adam@3	308 if (code) {
adam@3	309 uw_buffer_reset(buf);
adam@3	310 uw_buffer_append(buf, curl_failure, sizeof curl_failure);
adam@3	311 } else {
adam@3	312 char *s;
adam@3	313
adam@3	314 s = buf->start;
adam@3	315 while (*s) {
adam@3	316 char colon = strchr(s, ':'), newline;
adam@3	317
adam@3	318 if (!colon) {
adam@3	319 *s = 0;
adam@3	320 break;
adam@3	321 }
adam@3	322
adam@7	323 *colon = 0;
adam@7	324
adam@3	325 newline = strchr(colon+1, '\n');
adam@3	326
adam@7	327 if (!newline)
adam@3	328 break;
adam@3	329
adam@3	330 *newline = 0;
adam@3	331 s = newline+1;
adam@3	332 }
adam@3	333 }
adam@3	334
adam@3	335 return buf;
adam@3	336 }
adam@4	337
adam@4	338 static uw_Basis_string deurl(uw_context ctx, uw_Basis_string s) {
adam@4	339 uw_Basis_string r = uw_malloc(ctx, strlen(s)), s2 = r;
adam@4	340
adam@4	341 for (; *s; ++s) {
adam@4	342 if (s[0] == '%' && s[1] && s[2]) {
adam@4	343 unsigned u;
adam@4	344
adam@4	345 sscanf(s+1, "%02x", &u);
adam@4	346 *s2++ = u;
adam@4	347 s += 2;
adam@4	348 } else
adam@4	349 s2++ = s;
adam@4	350 }
adam@4	351
adam@4	352 *s2 = 0;
adam@4	353 return r;
adam@4	354 }
adam@4	355
adam@4	356 uw_OpenidFfi_outputs uw_OpenidFfi_indirect(uw_context ctx, uw_Basis_string fields) {
adam@4	357 uw_OpenidFfi_outputs b = malloc(sizeof(uw_buffer));
adam@4	358
adam@4	359 uw_buffer_init(BUF_MAX, b, BUF_INIT);
adam@4	360
adam@6	361 fields = uw_strdup(ctx, fields);
adam@6	362
adam@4	363 while (*fields) {
adam@4	364 char equal = strchr(fields, '='), and, *s;
adam@4	365
adam@4	366 if (!equal)
adam@4	367 break;
adam@4	368
adam@4	369 *equal = 0;
adam@4	370 s = deurl(ctx, fields);
adam@4	371 uw_buffer_append(b, s, strlen(s));
adam@4	372 uw_buffer_append(b, "", 1);
adam@4	373
adam@4	374 and = strchr(equal+1, '&');
adam@4	375 if (and) {
adam@4	376 *and = 0;
adam@4	377 fields = and+1;
adam@4	378 } else
adam@4	379 fields = and = strchr(equal+1, 0);
adam@4	380 s = deurl(ctx, equal+1);
adam@4	381 uw_buffer_append(b, s, strlen(s));
adam@4	382 uw_buffer_append(b, "", 1);
adam@4	383 }
adam@4	384
adam@4	385 uw_buffer_append(b, "", 1);
adam@4	386 return b;
adam@4	387 }
adam@6	388
adam@6	389 static uw_Basis_string base64(uw_context ctx, unsigned char *input, int length) {
adam@6	390 BIO bmem, b64;
adam@6	391
adam@6	392 b64 = BIO_new(BIO_f_base64());
adam@7	393 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
adam@6	394 bmem = BIO_new(BIO_s_mem());
adam@7	395 BIO_push(b64, bmem);
adam@6	396 BIO_write(b64, input, length);
adam@6	397 (void)BIO_flush(b64);
adam@6	398
adam@7	399 int len = BIO_ctrl_pending(bmem);
adam@7	400 char *buff = uw_malloc(ctx, len+1);
adam@7	401 BIO_read(bmem, buff, len);
adam@7	402 buff[len] = 0;
adam@6	403
adam@6	404 BIO_free_all(b64);
adam@6	405
adam@6	406 return buff;
adam@6	407 }
adam@6	408
adam@8	409 static int unbase64(unsigned char input, int length, unsigned char buffer, int bufferLength)
adam@7	410 {
adam@7	411 BIO b64, bmem;
adam@8	412 int n;
adam@6	413
adam@7	414 b64 = BIO_new(BIO_f_base64());
adam@7	415 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
adam@7	416 bmem = BIO_new_mem_buf(input, length);
adam@7	417 BIO_push(b64, bmem);
adam@8	418 n = BIO_read(b64, buffer, bufferLength);
adam@6	419
adam@7	420 BIO_free_all(bmem);
adam@8	421
adam@8	422 return n;
adam@8	423 }
adam@8	424
adam@12	425 uw_Basis_string uw_OpenidFfi_hmac_sha1(uw_context ctx, uw_Basis_string key, uw_Basis_string data) {
adam@8	426 unsigned char keyBin[SHA_DIGEST_LENGTH], out[EVP_MAX_MD_SIZE];
adam@8	427 unsigned outLen;
adam@8	428
adam@8	429 unbase64((unsigned char *)key, strlen(key), keyBin, sizeof keyBin);
adam@8	430
adam@8	431 HMAC(EVP_sha1(), keyBin, sizeof keyBin, (unsigned char *)data, strlen(data), out, &outLen);
adam@8	432 return base64(ctx, out, outLen);
adam@6	433 }
adam@7	434
adam@12	435 uw_Basis_string uw_OpenidFfi_hmac_sha256(uw_context ctx, uw_Basis_string key, uw_Basis_string data) {
adam@7	436 unsigned char keyBin[SHA256_DIGEST_LENGTH], out[EVP_MAX_MD_SIZE];
adam@7	437 unsigned outLen;
adam@7	438
adam@7	439 unbase64((unsigned char *)key, strlen(key), keyBin, sizeof keyBin);
adam@7	440
adam@7	441 HMAC(EVP_sha256(), keyBin, sizeof keyBin, (unsigned char *)data, strlen(data), out, &outLen);
adam@7	442 return base64(ctx, out, outLen);
adam@7	443 }
adam@8	444
adam@8	445 static uw_Basis_string btwoc(uw_context ctx, const BIGNUM *n) {
adam@8	446 int len = BN_num_bytes(n), i;
adam@8	447 unsigned char bytes[len+1];
adam@8	448
adam@8	449 bytes[0] = 0;
adam@8	450 BN_bn2bin(n, bytes+1);
adam@8	451
adam@8	452 for (i = 1; i <= len; ++i)
adam@8	453 if (bytes[i]) {
adam@8	454 if (bytes[i] & 0x80)
adam@8	455 --i;
adam@8	456 break;
adam@8	457 }
adam@8	458
adam@8	459 if (i > len)
adam@8	460 i = len;
adam@8	461
adam@8	462 return base64(ctx, bytes+i, len+1-i);
adam@8	463 }
adam@8	464
adam@8	465 static BIGNUM *unbtwoc(uw_context ctx, uw_Basis_string s) {
adam@8	466 unsigned char bytes[1024];
adam@8	467 int len;
adam@8	468
adam@8	469 len = unbase64((unsigned char *)s, strlen(s), bytes, sizeof bytes);
adam@8	470 return BN_bin2bn(bytes, len, NULL);
adam@8	471 }
adam@8	472
adam@8	473 uw_Basis_string uw_OpenidFfi_modulus(uw_context ctx, uw_OpenidFfi_dh dh) {
adam@8	474 return btwoc(ctx, dh->p);
adam@8	475 }
adam@8	476
adam@8	477 uw_Basis_string uw_OpenidFfi_generator(uw_context ctx, uw_OpenidFfi_dh dh) {
adam@8	478 return btwoc(ctx, dh->g);
adam@8	479 }
adam@8	480
adam@8	481 uw_Basis_string uw_OpenidFfi_public(uw_context ctx, uw_OpenidFfi_dh dh) {
adam@8	482 return btwoc(ctx, dh->pub_key);
adam@8	483 }
adam@8	484
adam@8	485 static void free_DH(void *data, int will_retry) {
adam@8	486 DH *dh = data;
adam@26	487 dh->p = NULL;
adam@26	488 dh->g = NULL;
adam@8	489 DH_free(dh);
adam@8	490 }
adam@8	491
adam@8	492 uw_OpenidFfi_dh uw_OpenidFfi_generate(uw_context ctx) {
adam@8	493 DH *dh = DH_new();
adam@8	494
adam@26	495 dh->p = default_prime;
adam@26	496 dh->g = default_generator;
adam@8	497 uw_register_transactional(ctx, dh, NULL, NULL, free_DH);
adam@8	498
adam@8	499 if (DH_generate_key(dh) != 1)
adam@8	500 uw_error(ctx, FATAL, "Diffie-Hellman key generation failed");
adam@8	501
adam@8	502 return dh;
adam@8	503 }
adam@8	504
adam@8	505 uw_Basis_string uw_OpenidFfi_compute(uw_context ctx, uw_OpenidFfi_dh dh, uw_Basis_string server_pub) {
adam@8	506 BIGNUM *bn = unbtwoc(ctx, server_pub);
adam@12	507 unsigned char secret[DH_size(dh)+1], *secretP;
adam@8	508 int size;
adam@8	509
adam@8	510 uw_push_cleanup(ctx, (void ()(void ))BN_free, bn);
adam@8	511
adam@12	512 size = DH_compute_key(secret+1, bn, dh);
adam@8	513 if (size == -1)
adam@8	514 uw_error(ctx, FATAL, "Diffie-Hellman key computation failed");
adam@8	515
adam@8	516 uw_pop_cleanup(ctx);
adam@8	517
adam@12	518 if (size > 0 && (secret[1] & 0x80)) {
adam@12	519 secret[0] = 0;
adam@12	520 secretP = secret;
adam@12	521 ++size;
adam@12	522 } else
adam@12	523 secretP = secret+1;
adam@12	524
adam@12	525 return base64(ctx, secretP, size);
adam@8	526 }
adam@12	527
adam@12	528 uw_Basis_string uw_OpenidFfi_sha1(uw_context ctx, uw_Basis_string data) {
adam@12	529 unsigned char dataBin[128], out[EVP_MAX_MD_SIZE];
adam@12	530 int len;
adam@12	531
adam@12	532 len = unbase64((unsigned char *)data, strlen(data), dataBin, sizeof dataBin);
adam@12	533
adam@12	534 SHA1(dataBin, len, out);
adam@12	535 return base64(ctx, out, SHA_DIGEST_LENGTH);
adam@12	536 }
adam@12	537
adam@12	538 uw_Basis_string uw_OpenidFfi_sha256(uw_context ctx, uw_Basis_string data) {
adam@12	539 unsigned char dataBin[128], out[EVP_MAX_MD_SIZE];
adam@12	540 int len;
adam@12	541
adam@12	542 len = unbase64((unsigned char *)data, strlen(data), dataBin, sizeof dataBin);
adam@12	543
adam@12	544 SHA256(dataBin, len, out);
adam@12	545 return base64(ctx, out, SHA256_DIGEST_LENGTH);
adam@12	546 }
adam@12	547
adam@12	548 uw_Basis_string uw_OpenidFfi_xor(uw_context ctx, uw_Basis_string s1, uw_Basis_string s2) {
adam@12	549 unsigned char buf1[128], buf2[128], bufO[128];
adam@12	550 int len1, len2, i;
adam@12	551
adam@12	552 len1 = unbase64((unsigned char *)s1, strlen(s1), buf1, sizeof buf1);
adam@12	553 len2 = unbase64((unsigned char *)s2, strlen(s2), buf2, sizeof buf2);
adam@12	554
adam@12	555 for (i = 0; i < len1; ++i)
adam@12	556 bufO[i] = buf1[i] ^ buf2[i % len2];
adam@12	557
adam@12	558 return base64(ctx, bufO, len1);
adam@12	559 }
adam@13	560
adam@13	561 uw_OpenidFfi_inputs uw_OpenidFfi_remode(uw_context ctx, uw_OpenidFfi_outputs out, uw_Basis_string mode) {
adam@13	562 uw_OpenidFfi_inputs in = uw_OpenidFfi_createInputs(ctx);
adam@13	563 char *s;
adam@13	564
adam@13	565 for (s = out->start; *s; s = strchr(strchr(s, 0)+1, 0)+1)
adam@13	566 if (!strcmp("openid.mode", s))
adam@13	567 uw_OpenidFfi_addInput(ctx, in, "openid.mode", mode);
adam@13	568 else
adam@13	569 uw_OpenidFfi_addInput(ctx, in, s, strchr(s, 0)+1);
adam@13	570
adam@13	571 return in;
adam@13	572 }

Mercurial > openid

annotate src/c/openid.c @ 27:f129ddee75f3