From bd990616d7c265eddbe921c95dc6e4d737e9644e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Bidar?= <theodorstormgrade@gmail.com>
Date: Sun, 2 Aug 2020 21:53:06 +0200
Subject: [PATCH] Replace s3_hmac_sign() with HMAC() from OpenSSL

Instead of using s3_hmac_sign() which does everything on its own
resuse HMAC() from OpenSSL. This adds some casting that was done
previously inside s3_hmac_sign() to performOp().
In addition we no longer use the deprecated HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
               const EVP_MD *md) (<1.1).

Removes the usage of:
+ s3_hmac_sign()

Contributes to #11
---
 src/s3access.cpp | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/s3access.cpp b/src/s3access.cpp
index a1ffb9d..db1484d 100644
--- a/src/s3access.cpp
+++ b/src/s3access.cpp
@@ -6,6 +6,9 @@ extern "C" {
 
 #include "s3access.h"
 
+// Needed for performOp
+#include <openssl/hmac.h>
+
 S3Result::S3Result(QNetworkReply *reply, QObject *parent) : QObject(parent)
   , m_reply(reply)
 {
@@ -130,7 +133,7 @@ S3ListResult *S3Access::list(QString const &prefix)
 QNetworkReply *S3Access::performOp(Method method, QString const &url, QIODevice *in, const char *content_md5, const char *content_type, QString signDataKey)
 {
     QNetworkRequest request;
-    char *digest;
+    unsigned char digest[EVP_MAX_MD_SIZE];
     QString methodStr;
     QString date = QDateTime::currentDateTimeUtc().toString(Qt::RFC2822Date);
     QNetworkReply *reply;
@@ -157,10 +160,11 @@ QNetworkReply *S3Access::performOp(Method method, QString const &url, QIODevice
         signData+=signDataKey;
 
     request.setUrl(QUrl(QString(url)));
-    digest = s3_hmac_sign(m_secret.toLatin1().data(), signData.toLatin1().data(), signData.toLatin1().size());
+    HMAC(EVP_sha1(), m_secret.toLatin1().data(), m_secret.toLatin1().size(), (unsigned char*)signData.toLatin1().data(), signData.toLatin1().size(), digest, (unsigned int*)EVP_MAX_MD_SIZE);
+    digest[digest[EVP_MAX_MD_SIZE] - 1] = '\0';
 
     request.setRawHeader("Date", date.toLocal8Bit());
-    request.setRawHeader("Authorization", QString(QStringLiteral("AWS %1:%2")).arg(m_id).arg(digest).toLocal8Bit());
+    request.setRawHeader("Authorization", QString(QStringLiteral("AWS %1:%2")).arg(m_id).arg((char*)digest).toLocal8Bit());
     request.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true);
 
     qDebug() << "Request to: " << url;
@@ -188,7 +192,6 @@ QNetworkReply *S3Access::performOp(Method method, QString const &url, QIODevice
         break;
     }
 
-    free(digest);
 
     return reply;
 }