Skip to content

Commit

Permalink
Replace s3_hmac_sign() with HMAC() from OpenSSL
Browse files Browse the repository at this point in the history 
Instead of using s3_hmac_sign() which does everything on its own
resuse HMAC() from OpenSSL. This adds some casting that was done
previously inside s3_hmac_sign() to performOp().
In addition we no longer use the deprecated HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
               const EVP_MD *md) (<1.1).
  • Loading branch information
@Thaodan
Thaodan committed Aug 2, 2020
1 parent 472ad31 commit c288979
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions src/s3access.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,11 @@ extern "C" {

#include <QFile>

// Needed for performOp
#include "s3access.h"

#include <openssl/hmac.h>

S3Result::S3Result(QNetworkReply *reply, QObject *parent) : QObject(parent)
, m_reply(reply)
{
Expand Down Expand Up @@ -130,7 +133,7 @@ S3ListResult *S3Access::list(QString const &prefix)
QNetworkReply *S3Access::performOp(Method method, QString const &url, QIODevice *in, const char *content_md5, const char *content_type, QString signDataKey)
{
QNetworkRequest request;
char *digest;
unsigned char digest[EVP_MAX_MD_SIZE];
QString methodStr;
QString date = QDateTime::currentDateTimeUtc().toString(Qt::RFC2822Date);
QNetworkReply *reply;
Expand All @@ -157,10 +160,10 @@ QNetworkReply *S3Access::performOp(Method method, QString const &url, QIODevice
signData+=signDataKey;

request.setUrl(QUrl(QString(url)));
digest = s3_hmac_sign(m_secret.toLatin1().data(), signData.toLatin1().data(), signData.toLatin1().size());
HMAC(EVP_sha1(), m_secret.toLatin1().data(), m_secret.toLatin1().size(), (unsigned char*)signData.toLatin1().data(), signData.toLatin1().size(), digest, (unsigned int*)EVP_MAX_MD_SIZE);

request.setRawHeader("Date", date.toLocal8Bit());
request.setRawHeader("Authorization", QString(QStringLiteral("AWS %1:%2")).arg(m_id).arg(digest).toLocal8Bit());
request.setRawHeader("Authorization", QString(QStringLiteral("AWS %1:%2")).arg(m_id).arg((char*)digest).toLocal8Bit());
request.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true);

qDebug() << "Request to: " << url;
Expand Down Expand Up @@ -188,7 +191,6 @@ QNetworkReply *S3Access::performOp(Method method, QString const &url, QIODevice
break;
}

free(digest);

return reply;
}
Expand Down

0 comments on commit c288979

Please sign in to comment.