| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_mac_signature.h" | 5 #include "net/http/http_mac_signature.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/rand_util.h" | 8 #include "base/rand_util.h" |
| 9 #include "base/string_number_conversions.h" | 9 #include "base/string_number_conversions.h" |
| 10 #include "base/string_util.h" | 10 #include "base/string_util.h" |
| 11 #include "base/time.h" | |
| 12 #include "crypto/hmac.h" | 11 #include "crypto/hmac.h" |
| 13 | 12 |
| 14 namespace net { | 13 namespace net { |
| 15 | 14 |
| 16 namespace { | 15 namespace { |
| 17 | 16 |
| 18 const char kSHA1Name[] = "hmac-sha-1"; | 17 const char kSHA1Name[] = "hmac-sha-1"; |
| 19 const char kSHA256Name[] = "hmac-sha-256"; | 18 const char kSHA256Name[] = "hmac-sha-256"; |
| 20 const int kNonceLength = 64/8; | 19 const int kNonceLength = 64/8; |
| 21 | 20 |
| (...skipping 22 matching lines...) |
| 44 } | 43 } |
| 45 | 44 |
| 46 HttpMacSignature::HttpMacSignature() | 45 HttpMacSignature::HttpMacSignature() |
| 47 : mac_algorithm_(crypto::HMAC::SHA1) { | 46 : mac_algorithm_(crypto::HMAC::SHA1) { |
| 48 } | 47 } |
| 49 | 48 |
| 50 HttpMacSignature::~HttpMacSignature() { | 49 HttpMacSignature::~HttpMacSignature() { |
| 51 } | 50 } |
| 52 | 51 |
| 53 bool HttpMacSignature::AddStateInfo(const std::string& id, | 52 bool HttpMacSignature::AddStateInfo(const std::string& id, |
| 53 const base::Time& creation_date, |
| 54 const std::string& mac_key, | 54 const std::string& mac_key, |
| 55 const std::string& mac_algorithm) { | 55 const std::string& mac_algorithm) { |
| 56 DCHECK(id_.empty()); | 56 DCHECK(id_.empty()); |
| 57 | 57 |
| 58 if (!IsPlainString(id) || id.empty() || | 58 if (!IsPlainString(id) || id.empty() || |
| 59 creation_date.is_null() || |
| 59 mac_key.empty() || | 60 mac_key.empty() || |
| 60 mac_algorithm.empty()) { | 61 mac_algorithm.empty()) { |
| 61 return false; | 62 return false; |
| 62 } | 63 } |
| 63 | 64 |
| 64 if (mac_algorithm == kSHA1Name) | 65 if (mac_algorithm == kSHA1Name) |
| 65 mac_algorithm_ = crypto::HMAC::SHA1; | 66 mac_algorithm_ = crypto::HMAC::SHA1; |
| 66 else if (mac_algorithm == kSHA256Name) | 67 else if (mac_algorithm == kSHA256Name) |
| 67 mac_algorithm_ = crypto::HMAC::SHA256; | 68 mac_algorithm_ = crypto::HMAC::SHA256; |
| 68 else | 69 else |
| 69 return false; | 70 return false; |
| 70 | 71 |
| 71 id_ = id; | 72 id_ = id; |
| 73 creation_date_ = creation_date; |
| 72 mac_key_ = mac_key; | 74 mac_key_ = mac_key; |
| 73 return true; | 75 return true; |
| 74 } | 76 } |
| 75 | 77 |
| 76 bool HttpMacSignature::AddHttpInfo(const std::string& method, | 78 bool HttpMacSignature::AddHttpInfo(const std::string& method, |
| 77 const std::string& request_uri, | 79 const std::string& request_uri, |
| 78 const std::string& host, | 80 const std::string& host, |
| 79 int port) { | 81 int port) { |
| 80 DCHECK(method_.empty()); | 82 DCHECK(method_.empty()); |
| 81 | 83 |
| 82 if (!IsPlainString(method) || method.empty() || | 84 if (!IsPlainString(method) || method.empty() || |
| 83 !IsPlainString(request_uri) || request_uri.empty() || | 85 !IsPlainString(request_uri) || request_uri.empty() || |
| 84 !IsPlainString(host) || host.empty() || | 86 !IsPlainString(host) || host.empty() || |
| 85 port <= 0 || port > 65535) { | 87 port <= 0 || port > 65535) { |
| 86 return false; | 88 return false; |
| 87 } | 89 } |
| 88 | 90 |
| 89 method_ = StringToUpperASCII(method); | 91 method_ = StringToUpperASCII(method); |
| 90 request_uri_ = request_uri; | 92 request_uri_ = request_uri; |
| 91 host_ = StringToLowerASCII(host); | 93 host_ = StringToLowerASCII(host); |
| 92 port_ = base::IntToString(port); | 94 port_ = base::IntToString(port); |
| 93 return true; | 95 return true; |
| 94 } | 96 } |
| 95 | 97 |
| 96 std::string HttpMacSignature::GenerateAuthorizationHeader() { | 98 std::string HttpMacSignature::GenerateAuthorizationHeader() { |
| 97 DCHECK(!id_.empty()) << "Call AddStateInfo first."; | 99 DCHECK(!id_.empty()) << "Call AddStateInfo first."; |
| 98 DCHECK(!method_.empty()) << "Call AddHttpInfo first."; | 100 DCHECK(!method_.empty()) << "Call AddHttpInfo first."; |
| 99 | 101 |
| 100 std::string timestamp = base::Int64ToString((base::Time::Now() - | 102 std::string age = base::Int64ToString( |
| 101 base::Time::UnixEpoch()).InSeconds()); | 103 (base::Time::Now() - creation_date_).InSeconds()); |
| 102 std::string nonce = GenerateNonce(); | 104 std::string nonce = GenerateNonce(); |
| 103 | 105 |
| 104 return GenerateHeaderString(timestamp, nonce); | 106 return GenerateHeaderString(age, nonce); |
| 105 } | 107 } |
| 106 | 108 |
| 107 std::string HttpMacSignature::GenerateHeaderString( | 109 std::string HttpMacSignature::GenerateHeaderString(const std::string& age, |
| 108 const std::string& timestamp, | 110 const std::string& nonce) { |
| 109 const std::string& nonce) { | 111 std::string mac = GenerateMAC(age, nonce); |
| 110 std::string mac = GenerateMAC(timestamp, nonce); | |
| 111 | 112 |
| 112 DCHECK(IsPlainString(timestamp)); | 113 DCHECK(IsPlainString(age)); |
| 113 DCHECK(IsPlainString(nonce)); | 114 DCHECK(IsPlainString(nonce)); |
| 114 DCHECK(IsPlainString(mac)); | 115 DCHECK(IsPlainString(mac)); |
| 115 | 116 |
| 116 return "MAC id=\"" + id_ + | 117 return "MAC id=\"" + id_ + |
| 117 "\", nonce=\"" + timestamp + ":" + nonce + | 118 "\", nonce=\"" + age + ":" + nonce + |
| 118 "\", mac=\"" + mac + "\""; | 119 "\", mac=\"" + mac + "\""; |
| 119 } | 120 } |
| 120 | 121 |
| 121 std::string HttpMacSignature::GenerateNormalizedRequest( | 122 std::string HttpMacSignature::GenerateNormalizedRequest( |
| 122 const std::string& timestamp, | 123 const std::string& age, |
| 123 const std::string& nonce) { | 124 const std::string& nonce) { |
| 124 static const std::string kNewLine = "\n"; | 125 static const std::string kNewLine = "\n"; |
| 125 | 126 |
| 126 std::string normalized_request = timestamp + ":" + nonce + kNewLine; | 127 std::string normalized_request = age + ":" + nonce + kNewLine; |
| 127 normalized_request += method_ + kNewLine; | 128 normalized_request += method_ + kNewLine; |
| 128 normalized_request += request_uri_ + kNewLine; | 129 normalized_request += request_uri_ + kNewLine; |
| 129 normalized_request += host_ + kNewLine; | 130 normalized_request += host_ + kNewLine; |
| 130 normalized_request += port_ + kNewLine; | 131 normalized_request += port_ + kNewLine; |
| 131 normalized_request += kNewLine; | 132 normalized_request += kNewLine; |
| 132 normalized_request += kNewLine; | 133 normalized_request += kNewLine; |
| 133 | 134 |
| 134 return normalized_request; | 135 return normalized_request; |
| 135 } | 136 } |
| 136 | 137 |
| 137 std::string HttpMacSignature::GenerateMAC(const std::string& timestamp, | 138 std::string HttpMacSignature::GenerateMAC(const std::string& age, |
| 138 const std::string& nonce) { | 139 const std::string& nonce) { |
| 139 std::string request = GenerateNormalizedRequest(timestamp, nonce); | 140 std::string request = GenerateNormalizedRequest(age, nonce); |
| 140 | 141 |
| 141 crypto::HMAC hmac(mac_algorithm_); | 142 crypto::HMAC hmac(mac_algorithm_); |
| 142 hmac.Init(mac_key_); | 143 hmac.Init(mac_key_); |
| 143 | 144 |
| 144 std::string signature; | 145 std::string signature; |
| 145 size_t length = hmac.DigestLength(); | 146 size_t length = hmac.DigestLength(); |
| 146 char* buffer = WriteInto(&signature, length); | 147 char* buffer = WriteInto(&signature, length); |
| 147 bool result = hmac.Sign(request, | 148 bool result = hmac.Sign(request, |
| 148 reinterpret_cast<unsigned char*>(buffer), | 149 reinterpret_cast<unsigned char*>(buffer), |
| 149 length); | 150 length); |
| 150 DCHECK(result); | 151 DCHECK(result); |
| 151 | 152 |
| 152 std::string encoded_signature; | 153 std::string encoded_signature; |
| 153 result = base::Base64Encode(signature, &encoded_signature); | 154 result = base::Base64Encode(signature, &encoded_signature); |
| 154 DCHECK(result); | 155 DCHECK(result); |
| 155 return encoded_signature; | 156 return encoded_signature; |
| 156 } | 157 } |
| 157 | 158 |
| 158 } // namespace net | 159 } // namespace net |
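Review bot: The age built in GenerateAuthorizationHeader (new lines 102-103) can come out negative, because AddStateInfo (new line 59) rejects only a null creation_date and base::Time::Now() is wall-clock time. A creation_date in the future, or a clock stepped backwards after the credentials were stored, produces a value such as "-12" that is placed in the nonce attribute and signed as part of the normalized request. The server presumably relies on the age for freshness and replay checks, so I would not sign such a value: compute `int64 age_seconds = (base::Time::Now() - creation_date_).InSeconds();` and treat `age_seconds < 0` as a failure (or clamp it to zero if callers cannot handle an empty header), and additionally reject `creation_date > base::Time::Now()` in AddStateInfo. A one-line comment at the computation, e.g. `// Age of the credentials in seconds, measured on the local wall clock.`, would also make the clock dependency visible to the next reader.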