/* * test hmac-sha1 checksum */ int test_sha1(char *c_secret, char *t_secret, char *base, char *expected) { int rv=0; char *okey = oauth_catenc(2, c_secret, t_secret); char *b64d = oauth_sign_hmac_sha1(base, okey); if (strcmp(b64d,expected)) { printf("HMAC-SHA1 invalid. base:'%s' secrets:'%s'\n" " got: '%s' expected: '%s'\n", base, okey, b64d, expected); rv=1; } else if (loglevel) printf("HMAC-SHA1 test sucessful.\n"); free(b64d); free(okey); return (rv); }
/* * creates base string and returns signature. * @param mode * * @return encoded string otherwise NULL * The caller must free the returned string. */ char *process_array(int argc, char **argv, char *method, int mode, oauthparam *op) { char *base_url; char *okey, *odat, *sign; // sort parameters qsort(&argv[1], argc-1, sizeof(char *), oauth_cmpstringp); // serialize URL base_url= oauth_serialize_url_parameters(argc, argv); if (mode&16) fprintf(stdout, "%s\n",base_url); else if (want_verbose) fprintf(stderr, "base-url=%s\n",base_url); if (mode&16) exit(0); // generate signature okey = oauth_catenc(2, op->c_secret, op->t_secret); odat = oauth_catenc(3, method, argv[0], base_url); if (mode&8) fprintf(stdout, "%s\n",odat); else if (want_verbose) fprintf(stderr, "base-string=%s\n",odat); if (mode&32) fprintf(stdout, "%s\n",okey); else if (want_verbose) fprintf(stderr, "secret-string=%s\n",okey); if (mode&40) exit(0); switch(op->signature_method) { case OA_RSA: sign = oauth_sign_rsa_sha1(odat,op->c_secret); // TODO don't re-use consumer-key; allow to read from file. break; case OA_PLAINTEXT: sign = oauth_sign_plaintext(odat,okey); break; default: sign = oauth_sign_hmac_sha1(odat,okey); } free(odat); free(okey); if (mode&64 && !want_verbose) fprintf(stdout, "%s\n",sign); //if (mode&64) exit(0); // TODO return sign; // needs to be free()d }