author | ppodolsky <ppodolsky@yandex-team.ru> | 2022-02-10 16:48:03 +0300 |
---|---|---|
committer | Daniil Cherednik <dcherednik@yandex-team.ru> | 2022-02-10 16:48:03 +0300 |
commit | ff24d93e6130e0944ce0c9e2d2f54e1e88fc08dd (patch) | |
tree | 5f33d1a762f7b540dff1883c83c71b391876a558 /library/cpp/tvmauth/src/utils.cpp | |
parent | 02eacb2e0795d01f1d266d68904068b3789750f5 (diff) | |
Restoring authorship annotation for <ppodolsky@yandex-team.ru>. Commit 1 of 2.
Diffstat (limited to 'library/cpp/tvmauth/src/utils.cpp')
-rw-r--r-- | library/cpp/tvmauth/src/utils.cpp | 74 |
1 files changed, 37 insertions, 37 deletions
diff --git a/library/cpp/tvmauth/src/utils.cpp b/library/cpp/tvmauth/src/utils.cpp index d49efa28b5a..d9fa2acf8e6 100644 --- a/library/cpp/tvmauth/src/utils.cpp +++ b/library/cpp/tvmauth/src/utils.cpp @@ -1,42 +1,42 @@ -#include "utils.h" - +#include "utils.h" + #include "parser.h" -#include <contrib/libs/openssl/include/openssl/evp.h> -#include <contrib/libs/openssl/include/openssl/hmac.h> -#include <contrib/libs/openssl/include/openssl/md5.h> -#include <contrib/libs/openssl/include/openssl/sha.h> - +#include <contrib/libs/openssl/include/openssl/evp.h> +#include <contrib/libs/openssl/include/openssl/hmac.h> +#include <contrib/libs/openssl/include/openssl/md5.h> +#include <contrib/libs/openssl/include/openssl/sha.h> + #include <util/generic/maybe.h> -#include <util/generic/strbuf.h> - +#include <util/generic/strbuf.h> + #include <array> -namespace { +namespace { constexpr const unsigned char b64_encode[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; constexpr std::array<unsigned char, 256> B64Init() { std::array<unsigned char, 256> buf{}; for (auto& i : buf) - i = 0xff; - - for (int i = 0; i < 64; ++i) + i = 0xff; + + for (int i = 0; i < 64; ++i) buf[b64_encode[i]] = i; - + return buf; - } + } constexpr std::array<unsigned char, 256> b64_decode = B64Init(); } - + namespace NTvmAuth::NUtils { TString Bin2base64url(TStringBuf buf) { if (!buf) { return TString(); } - + TString res; res.resize(((buf.size() + 2) / 3) << 2, 0); - + const unsigned char* pB = (const unsigned char*)buf.data(); const unsigned char* pE = (const unsigned char*)buf.data() + buf.size(); unsigned char* p = (unsigned char*)res.data(); @@ -49,11 +49,11 @@ namespace NTvmAuth::NUtils { *p++ = b64_encode[((b & 0xF) << 2) | ((c & 0xC0) >> 6)]; *p++ = b64_encode[c & 0x3F]; } - + if (pB < pE) { const unsigned char a = *pB; *p++ = b64_encode[(a >> 2) & 0x3F]; - + if (pB == (pE - 1)) { *p++ = b64_encode[((a & 0x3) << 4)]; } else { 
@@ -62,23 +62,23 @@ namespace NTvmAuth::NUtils { ((int)(b & 0xF0) >> 4)]; *p++ = b64_encode[((b & 0xF) << 2)]; } - } - + } + res.resize(p - (unsigned char*)res.data()); return res; - } - + } + TString Base64url2bin(TStringBuf buf) { const unsigned char* bufin = (const unsigned char*)buf.data(); if (!buf || b64_decode[*bufin] > 63) { return TString(); - } + } const unsigned char* bufend = (const unsigned char*)buf.data() + buf.size(); while (++bufin < bufend && b64_decode[*bufin] < 64) ; int nprbytes = (bufin - (const unsigned char*)buf.data()); int nbytesdecoded = ((nprbytes + 3) / 4) * 3; - + if (nprbytes < static_cast<int>(buf.size())) { int left = buf.size() - nprbytes; while (left--) { @@ -86,13 +86,13 @@ namespace NTvmAuth::NUtils { return TString(); } } - + TString res; res.resize(nbytesdecoded); - + unsigned char* bufout = (unsigned char*)res.data(); bufin = (const unsigned char*)buf.data(); - + while (nprbytes > 4) { unsigned char a = b64_decode[*bufin]; unsigned char b = b64_decode[bufin[1]]; @@ -104,7 +104,7 @@ namespace NTvmAuth::NUtils { bufin += 4; nprbytes -= 4; } - + if (nprbytes == 1) { return {}; // Impossible } @@ -125,8 +125,8 @@ namespace NTvmAuth::NUtils { } return res; - } - + } + TString SignCgiParamsForTvm(TStringBuf secret, TStringBuf ts, TStringBuf dstTvmId, TStringBuf scopes) { TString data; data.reserve(ts.size() + dstTvmId.size() + scopes.size() + 3); @@ -134,22 +134,22 @@ namespace NTvmAuth::NUtils { data.append(ts).push_back(DELIM); data.append(dstTvmId).push_back(DELIM); data.append(scopes).push_back(DELIM); - + TString value(EVP_MAX_MD_SIZE, 0); unsigned macLen = 0; - + if (!::HMAC(EVP_sha256(), secret.data(), secret.size(), (unsigned char*)data.data(), data.size(), (unsigned char*)value.data(), &macLen)) { return {}; } - + if (macLen != EVP_MAX_MD_SIZE) { value.resize(macLen); } return Bin2base64url(value); - } -} + } +} namespace NTvmAuth::NInternal { TMaybe<TInstant> TCanningKnife::GetExpirationTime(TStringBuf ticket) { |