Updated Branches: refs/heads/import [created] d50a78688
Move signature verification code into helper modules. Project: http://git-wip-us.apache.org/repos/asf/couchdb-oauth/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb-oauth/commit/d8be2369 Tree: http://git-wip-us.apache.org/repos/asf/couchdb-oauth/tree/d8be2369 Diff: http://git-wip-us.apache.org/repos/asf/couchdb-oauth/diff/d8be2369 Branch: refs/heads/import Commit: d8be23693bf76637f13845cb3dc003480415431b Parents: fb4ac88 Author: Tim Fletcher <[email protected]> Authored: Wed Feb 25 14:16:51 2009 +0000 Committer: Tim Fletcher <[email protected]> Committed: Wed Feb 25 14:16:51 2009 +0000 ---------------------------------------------------------------------- src/oauth.erl | 8 ++++---- src/oauth_hmac_sha1.erl | 5 ++++- src/oauth_plaintext.erl | 5 ++++- src/oauth_rsa_sha1.erl | 10 +++++++++- 4 files changed, 21 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb-oauth/blob/d8be2369/src/oauth.erl ---------------------------------------------------------------------- diff --git a/src/oauth.erl b/src/oauth.erl index 9b22aed..866655c 100644 --- a/src/oauth.erl +++ b/src/oauth.erl @@ -39,13 +39,13 @@ token_secret(Params) -> verify(Signature, HttpMethod, URL, Params, Consumer, TokenSecret) -> case signature_method(Consumer) of plaintext -> - Signature =:= signature(HttpMethod, URL, Params, Consumer, TokenSecret); + oauth_plaintext:verify(Signature, consumer_secret(Consumer), TokenSecret); hmac_sha1 -> - Signature =:= signature(HttpMethod, URL, Params, Consumer, TokenSecret); + BaseString = signature_base_string(HttpMethod, URL, Params), + oauth_hmac_sha1:verify(Signature, BaseString, consumer_secret(Consumer), TokenSecret); rsa_sha1 -> BaseString = signature_base_string(HttpMethod, URL, Params), - PublicKey = oauth_rsa_sha1:public_key(consumer_secret(Consumer)), - public_key:verify_signature(BaseString, sha, Signature, PublicKey) + oauth_rsa_sha1:verify(Signature, BaseString, consumer_secret(Consumer)) end. signed_params(HttpMethod, URL, ExtraParams, Consumer, Token, TokenSecret) -> http://git-wip-us.apache.org/repos/asf/couchdb-oauth/blob/d8be2369/src/oauth_hmac_sha1.erl ---------------------------------------------------------------------- diff --git a/src/oauth_hmac_sha1.erl b/src/oauth_hmac_sha1.erl index ed232c4..69064ed 100644 --- a/src/oauth_hmac_sha1.erl +++ b/src/oauth_hmac_sha1.erl @@ -1,8 +1,11 @@ -module(oauth_hmac_sha1). --export([signature/3]). +-export([signature/3, verify/4]). signature(BaseString, CS, TS) -> Key = oauth_uri:calate("&", [CS, TS]), base64:encode_to_string(crypto:sha_mac(Key, BaseString)). + +verify(Signature, BaseString, CS, TS) -> + Signature =:= signature(BaseString, CS, TS). http://git-wip-us.apache.org/repos/asf/couchdb-oauth/blob/d8be2369/src/oauth_plaintext.erl ---------------------------------------------------------------------- diff --git a/src/oauth_plaintext.erl b/src/oauth_plaintext.erl index 9f6e0f2..1aae8fc 100644 --- a/src/oauth_plaintext.erl +++ b/src/oauth_plaintext.erl @@ -1,7 +1,10 @@ -module(oauth_plaintext). --export([signature/2]). +-export([signature/2, verify/3]). signature(CS, TS) -> oauth_uri:encode(oauth_uri:calate("&", [CS, TS])). + +verify(Signature, CS, TS) -> + Signature =:= signature(CS, TS). http://git-wip-us.apache.org/repos/asf/couchdb-oauth/blob/d8be2369/src/oauth_rsa_sha1.erl ---------------------------------------------------------------------- diff --git a/src/oauth_rsa_sha1.erl b/src/oauth_rsa_sha1.erl index 45a0ca5..c90ba21 100644 --- a/src/oauth_rsa_sha1.erl +++ b/src/oauth_rsa_sha1.erl @@ -1,6 +1,6 @@ -module(oauth_rsa_sha1). --export([signature/2, public_key/1]). +-export([signature/2, verify/3]). -include_lib("public_key/include/public_key.hrl"). @@ -10,6 +10,14 @@ signature(BaseString, PrivateKeyPath) -> {ok, PrivateKey} = public_key:decode_private_key(Info), base64:encode_to_string(public_key:sign(list_to_binary(BaseString), PrivateKey)). +verify(Signature, BaseString, PublicKey) -> + public_key:verify_signature(to_binary(BaseString), sha, base64:decode(Signature), public_key(PublicKey)). + +to_binary(Term) when is_list(Term) -> + list_to_binary(Term); +to_binary(Term) when is_binary(Term) -> + Term. + public_key(Path) when is_list(Path) -> {ok, [{cert, DerCert, not_encrypted}]} = public_key:pem_to_der(Path), {ok, Cert} = pubkey_cert_records:decode_cert(DerCert, otp),
