2012-03-23 03:40:35 +00:00
|
|
|
/**
|
|
|
|
* KQOAuth - An OAuth authentication library for Qt.
|
|
|
|
*
|
|
|
|
* Author: Johan Paul (johan.paul@d-pointer.com)
|
|
|
|
* http://www.d-pointer.com
|
|
|
|
*
|
2012-10-12 19:36:01 +00:00
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
2012-03-23 03:40:35 +00:00
|
|
|
*
|
|
|
|
* KQOAuth is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Lesser General Public License for more details.
|
|
|
|
*
|
2012-10-12 19:36:01 +00:00
|
|
|
* In addition, as a special exception, KQOauth provides you certain additional
|
|
|
|
* rights. These rights are described in the Nokia Qt LGPL Exception
|
|
|
|
* version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
|
|
|
|
*
|
2012-03-23 03:40:35 +00:00
|
|
|
* You should have received a copy of the GNU Lesser General Public License
|
2012-10-12 19:36:01 +00:00
|
|
|
* along with KQOAuth. If not, see <http://www.gnu.org/licenses/>
|
2012-03-23 03:40:35 +00:00
|
|
|
*/
|
|
|
|
#include <QString>
|
|
|
|
#include <QCryptographicHash>
|
|
|
|
#include <QByteArray>
|
|
|
|
|
|
|
|
#include <QtDebug>
|
|
|
|
#include "kqoauthutils.h"
|
|
|
|
|
|
|
|
QString KQOAuthUtils::hmac_sha1(const QString &message, const QString &key)
|
|
|
|
{
|
|
|
|
QByteArray keyBytes = key.toAscii();
|
|
|
|
int keyLength; // Lenght of key word
|
|
|
|
const int blockSize = 64; // Both MD5 and SHA-1 have a block size of 64.
|
|
|
|
|
|
|
|
keyLength = keyBytes.size();
|
|
|
|
// If key is longer than block size, we need to hash the key
|
|
|
|
if (keyLength > blockSize) {
|
|
|
|
QCryptographicHash hash(QCryptographicHash::Sha1);
|
|
|
|
hash.addData(keyBytes);
|
|
|
|
keyBytes = hash.result();
|
|
|
|
}
|
|
|
|
|
|
|
|
/* http://tools.ietf.org/html/rfc2104 - (1) */
|
|
|
|
// Create the opad and ipad for the hash function.
|
|
|
|
QByteArray ipad;
|
|
|
|
QByteArray opad;
|
|
|
|
|
|
|
|
ipad.fill( 0, blockSize);
|
|
|
|
opad.fill( 0, blockSize);
|
|
|
|
|
|
|
|
ipad.replace(0, keyBytes.length(), keyBytes);
|
|
|
|
opad.replace(0, keyBytes.length(), keyBytes);
|
|
|
|
|
|
|
|
/* http://tools.ietf.org/html/rfc2104 - (2) & (5) */
|
|
|
|
for (int i=0; i<64; i++) {
|
|
|
|
ipad[i] = ipad[i] ^ 0x36;
|
|
|
|
opad[i] = opad[i] ^ 0x5c;
|
|
|
|
}
|
|
|
|
|
|
|
|
QByteArray workArray;
|
|
|
|
workArray.clear();
|
|
|
|
|
|
|
|
workArray.append(ipad, 64);
|
|
|
|
/* http://tools.ietf.org/html/rfc2104 - (3) */
|
|
|
|
workArray.append(message.toAscii());
|
|
|
|
|
|
|
|
|
|
|
|
/* http://tools.ietf.org/html/rfc2104 - (4) */
|
|
|
|
QByteArray sha1 = QCryptographicHash::hash(workArray, QCryptographicHash::Sha1);
|
|
|
|
|
|
|
|
/* http://tools.ietf.org/html/rfc2104 - (6) */
|
|
|
|
workArray.clear();
|
|
|
|
workArray.append(opad, 64);
|
|
|
|
workArray.append(sha1);
|
|
|
|
|
|
|
|
sha1.clear();
|
|
|
|
|
|
|
|
/* http://tools.ietf.org/html/rfc2104 - (7) */
|
|
|
|
sha1 = QCryptographicHash::hash(workArray, QCryptographicHash::Sha1);
|
|
|
|
return QString(sha1.toBase64());
|
|
|
|
}
|