diff src/c/openid.c @ 7:976121190b2d

Authentication verification almost working: signatures not computing correctly
author Adam Chlipala <adam@chlipala.net>
date Tue, 28 Dec 2010 19:57:25 -0500
parents 99496175078b
children 870d99055dd1
--- a/src/c/openid.c	Mon Dec 27 13:18:02 2010 -0500
+++ b/src/c/openid.c	Tue Dec 28 19:57:25 2010 -0500
@@ -4,6 +4,7 @@
 #include <openssl/evp.h>
 #include <openssl/buffer.h>
 #include <openssl/sha.h>
+#include <openssl/hmac.h>
 #include <curl/curl.h>
 #include <expat.h>
 
@@ -25,8 +26,6 @@
 }
 
 uw_unit uw_OpenidFfi_init(uw_context ctx) {
-  
-
   curl_global_init(CURL_GLOBAL_ALL);
 
   return uw_unit_v;
@@ -74,9 +73,6 @@
   }
 }
 
-static void XMLCALL endElement(void *userData, const XML_Char *name) {
-}
-
 typedef struct {
   XML_Parser parser;
   int any_errors;
@@ -115,7 +111,7 @@
   cd.parser = XML_ParserCreate(NULL);
   XML_SetUserData(cd.parser, &ep);
   uw_push_cleanup(ctx, (void (*)(void *))XML_ParserFree, cd.parser);
-  XML_SetElementHandler(cd.parser, startElement, endElement);
+  XML_SetStartElementHandler(cd.parser, startElement);
 
   curl_easy_setopt(c, CURLOPT_URL, id);
   curl_easy_setopt(c, CURLOPT_WRITEFUNCTION, write_discovery_data);
@@ -215,14 +211,13 @@
         break;
       }
 
+      *colon = 0;
+
       newline = strchr(colon+1, '\n');
 
-      if (!newline) {
-        *s = 0;
+      if (!newline)
         break;
-      }
 
-      *colon = 0;
       *newline = 0;
       s = newline+1;
     }
@@ -284,28 +279,44 @@
 
 static uw_Basis_string base64(uw_context ctx, unsigned char *input, int length) {
   BIO *bmem, *b64;
-  BUF_MEM *bptr;
 
   b64 = BIO_new(BIO_f_base64());
+  BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
   bmem = BIO_new(BIO_s_mem());
-  b64 = BIO_push(b64, bmem);
+  BIO_push(b64, bmem);
   BIO_write(b64, input, length);
   (void)BIO_flush(b64);
-  BIO_get_mem_ptr(b64, &bptr);
 
-  char *buff = uw_malloc(ctx, bptr->length);
-  memcpy(buff, bptr->data, bptr->length-1);
-  buff[bptr->length-1] = 0;
+  int len = BIO_ctrl_pending(bmem);
+  char *buff = uw_malloc(ctx, len+1);
+  BIO_read(bmem, buff, len);
+  buff[len] = 0;
 
   BIO_free_all(b64);
 
   return buff;
 }
 
-uw_Basis_string uw_OpenidFfi_sha256(uw_context ctx, uw_Basis_string s) {
-  unsigned char out[SHA256_DIGEST_LENGTH];
+static void unbase64(unsigned char *input, int length, unsigned char *buffer, int bufferLength)
+{
+  BIO *b64, *bmem;
 
-  SHA256((unsigned char *)s, strlen(s), out);
+  b64 = BIO_new(BIO_f_base64());
+  BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
+  bmem = BIO_new_mem_buf(input, length);
+  BIO_push(b64, bmem);
+  BIO_read(b64, buffer, bufferLength);
 
-  return base64(ctx, out, sizeof out);
+  BIO_free_all(bmem);
 }
+
+uw_Basis_string uw_OpenidFfi_sha256(uw_context ctx, uw_Basis_string key, uw_Basis_string data) {
+  unsigned char keyBin[SHA256_DIGEST_LENGTH], out[EVP_MAX_MD_SIZE];
+  unsigned outLen;
+
+  unbase64((unsigned char *)key, strlen(key), keyBin, sizeof keyBin);
+  memset(key, sizeof key, 0);
+
+  HMAC(EVP_sha256(), keyBin, sizeof keyBin, (unsigned char *)data, strlen(data), out, &outLen);
+  return base64(ctx, out, outLen);
+}