aboutsummaryrefslogtreecommitdiff
path: root/lib/reqsign.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/reqsign.c')
-rw-r--r--lib/reqsign.c46
1 files changed, 41 insertions, 5 deletions
diff --git a/lib/reqsign.c b/lib/reqsign.c
index a8a4e5e..893e4d7 100644
--- a/lib/reqsign.c
+++ b/lib/reqsign.c
@@ -18,6 +18,7 @@
#include <string.h>
#include <time.h>
#include "libeclat.h"
+#include "sha256.h"
#include "grecs.h"
struct pname {
@@ -42,15 +43,15 @@ compnames(const void *a, const void *b)
return strcmp(*ac, *bc);
}
-void
-eclat_query_signature(struct ec2_query *req, char *secret)
+static void
+querysign2(struct ec2_query *req, char *secret)
{
char **pnames;
size_t i, n;
struct grecs_txtacc *acc;
struct pname pn;
char *str;
- char digest[20];
+ char digest[SHA256_DIGEST_SIZE];
size_t siglen;
const char *verb;
char tsbuf[22];
@@ -59,7 +60,7 @@ eclat_query_signature(struct ec2_query *req, char *secret)
acc = grecs_txtacc_create();
/* Add default parameters */
- eclat_query_add_param(req, "SignatureMethod", "HmacSHA1");
+ eclat_query_add_param(req, "SignatureMethod", "HmacSHA256");
eclat_query_add_param(req, "SignatureVersion", "2");
time(&t);
@@ -103,7 +104,7 @@ eclat_query_signature(struct ec2_query *req, char *secret)
grecs_txtacc_grow_char(acc, 0);
str = grecs_txtacc_finish(acc, 0);
- hmac_sha1(str, strlen(str), secret, strlen(secret), digest);
+ hmac_sha256(str, strlen(str), secret, strlen(secret), digest);
eclat_base64_encode((unsigned char *)digest, sizeof(digest),
(unsigned char**) &req->signature, &siglen);
@@ -117,3 +118,38 @@ eclat_query_signature(struct ec2_query *req, char *secret)
eclat_query_add_param(req, "Expires", tsbuf);
*/
}
+
+static void
+querysign4(struct ec2_query *req, char *secret)
+{
+ abort();
+}
+
+
+struct qsimpl {
+ char *qs_version;
+ void (*qs_fun)(struct ec2_query *, char *);
+};
+
+static struct qsimpl qstab[] = {
+ { "2", querysign2 },
+ { "4", querysign4 },
+ { NULL }
+};
+
+void
+eclat_query_sign(struct ec2_query *req, char *secret, char *version)
+{
+ struct qsimpl *qs;
+
+ for (qs = qstab; qs->qs_version && strcmp(qs->qs_version, version);
+ qs++)
+ ;
+
+ if (qs->qs_version)
+ qs->qs_fun(req, secret);
+ else {
+ err("INTERNAL ERROR: unsupported version %s", version);
+ abort();
+ }
+}

Return to:

Send suggestions and report system problems to the System administrator.