From vinodk...@apache.org
Subject [2/6] mesos git commit: Added a HMAC SHA256 generator.
Date Mon, 13 Mar 2017 15:46:28 GMT
Added a HMAC SHA256 generator.

HMAC SHA256 can be used to create or verify message signatures.

Review: https://reviews.apache.org/r/56666/


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/f1d0a1c2
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/f1d0a1c2
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/f1d0a1c2

Branch: refs/heads/master
Commit: f1d0a1c2beeb20a26f1ccab1ceb2fab1546249bf
Parents: 244f3e6
Author: Jan Schlicht <jan@mesosphere.io>
Authored: Mon Mar 13 16:45:54 2017 +0100
Committer: Vinod Kone <vinodkone@gmail.com>
Committed: Mon Mar 13 16:45:54 2017 +0100

----------------------------------------------------------------------
 .../include/process/ssl/utilities.hpp           | 14 +++++++++
 3rdparty/libprocess/src/ssl/utilities.cpp       | 30 ++++++++++++++++++++
 2 files changed, 44 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/f1d0a1c2/3rdparty/libprocess/include/process/ssl/utilities.hpp
----------------------------------------------------------------------
diff --git a/3rdparty/libprocess/include/process/ssl/utilities.hpp b/3rdparty/libprocess/include/process/ssl/utilities.hpp
index c2f64a9..797353c 100644
--- a/3rdparty/libprocess/include/process/ssl/utilities.hpp
+++ b/3rdparty/libprocess/include/process/ssl/utilities.hpp
@@ -110,6 +110,20 @@ Try<Nothing> write_key_file(EVP_PKEY* private_key, const Path&
path);
  */
 Try<Nothing> write_certificate_file(X509* x509, const Path& path);
 
+
+/**
+ * Generates a keyed-hash message authentication code (HMAC) with SHA256.
+ * @see <a href="https://www.openssl.org/docs/man1.1.0/crypto/HMAC.html">HMAC</a>
// NOLINT
+ *
+ * @param message The message to be authenticated.
+ * @param key The secret key.
+ *
+ * @return The HMAC if successful otherwise an Error.
+ */
+Try<std::string> generate_hmac_sha256(
+    const std::string& message,
+    const std::string& key);
+
 } // namespace openssl {
 } // namespace network {
 } // namespace process {
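Review bot: The doc comment on `generate_hmac_sha256` does not say what form the returned string takes. The implementation in utilities.cpp returns the raw digest bytes copied with `md_len`, not a hex or base64 encoding, so the string can contain NUL and non-printable bytes. I would change the return line to `@return The raw (binary, unencoded) HMAC digest if successful otherwise an Error.` Since the commit message names signature verification as a use, the comment should also tell callers to compare a received MAC against this value with a constant-time comparison such as `CRYPTO_memcmp` rather than `==` on `std::string`, which can return early on the first differing byte.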

http://git-wip-us.apache.org/repos/asf/mesos/blob/f1d0a1c2/3rdparty/libprocess/src/ssl/utilities.cpp
----------------------------------------------------------------------
diff --git a/3rdparty/libprocess/src/ssl/utilities.cpp b/3rdparty/libprocess/src/ssl/utilities.cpp
index 8aec613..d752acb 100644
--- a/3rdparty/libprocess/src/ssl/utilities.cpp
+++ b/3rdparty/libprocess/src/ssl/utilities.cpp
@@ -13,10 +13,14 @@
 #include <process/ssl/utilities.hpp>
 
 #include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
 #include <openssl/rsa.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 
+#include <string>
+
 #include <stout/check.hpp>
 #include <stout/net.hpp>
 #include <stout/stringify.hpp>
@@ -336,6 +340,32 @@ Try<Nothing> write_certificate_file(X509* x509, const Path&
path)
   return Nothing();
 }
 
+
+Try<std::string> generate_hmac_sha256(
+  const std::string& message,
+  const std::string& key)
+{
+  unsigned int md_len = 0;
+
+  unsigned char* rc = HMAC(
+      EVP_sha256(),
+      key.data(),
+      key.size(),
+      reinterpret_cast<const unsigned char*>(message.data()),
+      message.size(),
+      nullptr,
+      &md_len);
+
+  if (rc == nullptr) {
+    const char* reason = ERR_reason_error_string(ERR_get_error());
+
+    return Error(
+        "HMAC failed" + (reason == nullptr ? "" : ": " + std::string(reason)));
+  }
+
+  return std::string(reinterpret_cast<char*>(rc), md_len);
+}
+
 } // namespace openssl {
 } // namespace network {
 } // namespace process {
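Review bot: Passing `nullptr` as the `md` argument to `HMAC()` makes OpenSSL place the digest in a static internal array, which the OpenSSL documentation describes as not thread safe. Two concurrent calls to `generate_hmac_sha256` could then overwrite each other's digest before the final `std::string` copy is made, yielding a wrong MAC for one caller. Use a caller-owned buffer instead: declare `unsigned char md[EVP_MAX_MD_SIZE];`, pass `md` in place of `nullptr`, and return `std::string(reinterpret_cast<char*>(md), md_len)`. Separately, `key.size()` is a `size_t` narrowed to the `int key_len` parameter, so rejecting oversized keys with an `Error` before the call would avoid a silently truncated or negative length.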

