Add macaroone implementation into libweave build BUG:25934771 Change-Id: I86f9806302135f7b7c14582196918ed85a75256e Reviewed-on: https://weave-review.googlesource.com/1731 Reviewed-by: Alex Vakulenko <avakulenko@google.com>

commit: 47fe6f8ee0e298e008699e4ba845480c3d600031 [log] [tgz]
author: Vitaly Buka <vitalybuka@google.com> Tue Dec 01 14:37:24 2015 -0800
committer: Vitaly Buka <vitalybuka@google.com> Tue Dec 08 20:07:03 2015 +0000
tree: aec87e1cfdc0e67725c3e17aed884fa457d6f97e
parent: 45dc9dffa92dd88a3c0a22eb13226b5e96c0b972 [diff]
diff --git a/libweave.gypi b/libweave.gypi
index fb7dd03..b529add 100644
--- a/libweave.gypi
+++ b/libweave.gypi

@@ -45,6 +45,12 @@
       'third_party/chromium/crypto/p224.cc',
       'third_party/chromium/crypto/p224_spake.cc',
       'third_party/chromium/crypto/sha2.cc',
+      'third_party/libuweave/src/crypto_hmac.c',
+      'third_party/libuweave/src/crypto_utils.c',
+      'third_party/libuweave/src/macaroon.c',
+      'third_party/libuweave/src/macaroon_caveat.c',
+      'third_party/libuweave/src/macaroon_context.c',
+      'third_party/libuweave/src/macaroon_encoding.c',
       'third_party/modp_b64/modp_b64.cc',
     ],
     'weave_test_sources': [

diff --git a/libweave_common.gypi b/libweave_common.gypi
index 2e1fa10..e4251d8 100644
--- a/libweave_common.gypi
+++ b/libweave_common.gypi

@@ -27,6 +27,7 @@
       'include',
       'third_party/chromium',
       'third_party/include',
+      'third_party/libuweave',
       'third_party/modp_b64/modp_b64',
     ],
     'cflags!': ['-fPIE'],
@@ -34,7 +35,6 @@
       '-fno-exceptions',
       '-fPIC',
       '-fvisibility=hidden',
-      '-std=c++11',
       '-Wall',
       '-Werror',
       '-Wextra',
@@ -48,6 +48,12 @@
       '-Wpointer-arith',
       '-Wwrite-strings',
     ],
+    'cflags_cc': [
+      '-std=c++11',
+    ],
+    'cflags_c': [
+      '-std=c99',
+    ],
     'libraries': [
       # 'library_dirs' does not work as expected with make files
       '-Lthird_party/lib',

diff --git a/src/privet/openssl_utils.cc b/src/privet/openssl_utils.cc
index 2a98fa8..f7bee9b 100644
--- a/src/privet/openssl_utils.cc
+++ b/src/privet/openssl_utils.cc

@@ -6,21 +6,25 @@
 
 #include <algorithm>
 
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-
 #include <base/logging.h>
 
+extern "C" {
+#include "third_party/libuweave/src/crypto_hmac.h"
+}
+
 namespace weave {
 namespace privet {
 
 std::vector<uint8_t> HmacSha256(const std::vector<uint8_t>& key,
                                 const std::vector<uint8_t>& data) {
   std::vector<uint8_t> mac(kSha256OutputSize);
-  uint32_t len = 0;
-  CHECK(HMAC(EVP_sha256(), key.data(), key.size(), data.data(), data.size(),
-             mac.data(), &len));
-  CHECK_EQ(len, kSha256OutputSize);
+  uint8_t hmac_state[uw_crypto_hmac_required_buffer_size_()];
+  CHECK_EQ(0u, uw_crypto_hmac_init_(hmac_state, sizeof(hmac_state), key.data(),
+                                    key.size()));
+  CHECK(uw_crypto_hmac_update_(hmac_state, sizeof(hmac_state), data.data(),
+                               data.size()));
+  CHECK(uw_crypto_hmac_final_(hmac_state, sizeof(hmac_state), mac.data(),
+                              mac.size()));
   return mac;
 }
 

diff --git a/third_party/libuweave/src/crypto_hmac.c b/third_party/libuweave/src/crypto_hmac.c
new file mode 100644
index 0000000..56bb754
--- /dev/null
+++ b/third_party/libuweave/src/crypto_hmac.c

@@ -0,0 +1,64 @@
+// Copyright 2015 The Weave Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "src/crypto_hmac.h"
+
+#include <stddef.h>
+#include <stdint.h>
+#include <string.h>
+
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+
+size_t uw_crypto_hmac_required_buffer_size_() {
+  return sizeof(HMAC_CTX);
+}
+
+bool uw_crypto_hmac_init_(uint8_t* state_buffer,
+                          size_t state_buffer_len,
+                          const uint8_t* key,
+                          size_t key_len) {
+  if (sizeof(HMAC_CTX) > state_buffer_len) {
+    return false;
+  }
+  HMAC_CTX* context = (HMAC_CTX*)state_buffer;
+  HMAC_CTX_init(context);
+  return HMAC_Init(context, key, key_len, EVP_sha256()) ? 0 : sizeof(HMAC_CTX);
+}
+
+bool uw_crypto_hmac_update_(uint8_t* state_buffer,
+                            size_t state_buffer_len,
+                            const uint8_t* data,
+                            size_t data_len) {
+  if (sizeof(HMAC_CTX) > state_buffer_len) {
+    return false;
+  }
+  HMAC_CTX* context = (HMAC_CTX*)state_buffer;
+  return HMAC_Update(context, data, data_len);
+}
+
+bool uw_crypto_hmac_final_(uint8_t* state_buffer,
+                           size_t state_buffer_len,
+                           uint8_t* truncated_digest,
+                           size_t truncated_digest_len) {
+  if (sizeof(HMAC_CTX) > state_buffer_len) {
+    return false;
+  }
+  HMAC_CTX* context = (HMAC_CTX*)state_buffer;
+
+  const size_t kFullDigestLen = (size_t)EVP_MD_size(EVP_sha256());
+  if (truncated_digest_len > kFullDigestLen) {
+    return false;
+  }
+
+  uint8_t digest[kFullDigestLen];
+  uint32_t len = kFullDigestLen;
+
+  bool result = HMAC_Final(context, digest, &len) && kFullDigestLen == len;
+  HMAC_CTX_cleanup(context);
+  if (result) {
+    memcpy(truncated_digest, digest, truncated_digest_len);
+  }
+  return result;
+}
commit	47fe6f8ee0e298e008699e4ba845480c3d600031	[log] [tgz]
author	Vitaly Buka <vitalybuka@google.com>	Tue Dec 01 14:37:24 2015 -0800
committer	Vitaly Buka <vitalybuka@google.com>	Tue Dec 08 20:07:03 2015 +0000
tree	aec87e1cfdc0e67725c3e17aed884fa457d6f97e
parent	45dc9dffa92dd88a3c0a22eb13226b5e96c0b972 [diff]