Re: Review Request 11299: configurable to support different SHA algorithm

Zhi Hong Yang Tue, 06 Aug 2013 20:27:31 -0700


> On Aug. 1, 2013, 2:46 p.m., Ryan Baxter wrote:
> > http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java,
> >  line 553
> > <https://reviews.apache.org/r/11299/diff/5/?file=323051#file323051line553>
> >
> >     Where does this hash get sent to?  The OAuth provider?


>From the code:
            String b64 = CharsetUtil.newUtf8String(Base64.encodeBase64(hash));
            params.add(new Parameter(OAuthConstants.OAUTH_BODY_HASH, b64));
it will be sent out in oauth request, this is not related with this fix. The 
fix is just change the digest implmenation, the previous is just using sha to 
digest, my fix is using a customzied SHA implmenation(user's setting). 


- Zhi Hong


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/11299/#review24441
-----------------------------------------------------------


On Aug. 7, 2013, 3:25 a.m., Zhi Hong Yang wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/11299/
> -----------------------------------------------------------
> 
> (Updated Aug. 7, 2013, 3:25 a.m.)
> 
> 
> Review request for shindig, Dan Dumont, Ryan Baxter, Rich Thompson, and 
> Stanton Sievers.
> 
> 
> Repository: shindig
> 
> 
> Description
> -------
> 
> the following setting are added to support different algorithms:
> 
> 1) shindig.crypo.preferredHashAlgorithms = SHA
> 
> this setting is used to set string hash algorithm, SHA, SHA-256, SHA-384, 
> SHA-512 is supported 
> 
> 2) shindig.crypo.preferredHMACAlgorithms = HMACSHA1
> 
> this setting is used to set string encrypt/decrypt algorithm, 
> HMACSHA1,HMACSHA256,HMACSHA384,HMACSHA512 is supported
> 
> 
> Diffs
> -----
> 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/Crypto.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/util/DigestType.java
>  PRE-CREATION 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/util/GenericDigestUtils.java
>  PRE-CREATION 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/util/HMACType.java
>  PRE-CREATION 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenTest.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/crypto/BlobCrypterTest.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/crypto/CryptoTest.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/DefaultGuiceModule.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/HashLockedDomainService.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/MacTokenHandler.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/HashShaLockedDomainPrefixGenerator.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/testing/FakeOAuthServiceProvider.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth/OAuthAuthenticationHandler.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/core/oauth/FakeOAuthRequest.java
>  1503103 
>   
> http://svn.apache.org/repos/asf/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/core/oauth/OAuthAuthenticationHanderTest.java
>  1503103 
> 
> Diff: https://reviews.apache.org/r/11299/diff/
> 
> 
> Testing
> -------
> 
> Done. 
> 
> 
> Thanks,
> 
> Zhi Hong Yang
> 
>

Re: Review Request 11299: configurable to support different SHA algorithm

Reply via email to