Merge pull request #37 from nayato/ring

switch to ring for signing

Author: MindFlavor

Cargo.toml

@@ -13,6 +13,7 @@ keywords       = ["sdk", "azure", "rest", "iot", "cloud"]
 categories     = ["api-bindings"]
 
 [dependencies]
+ring         = "0.12.1"
 RustyXML     = "0.1.1"
 base64       = "0.9.1"
 chrono       = "0.4.2"

examples/document_entries00.rs

@@ -47,7 +47,7 @@ struct MySampleStructOwned {
 // This example expects you to have created a collection
 // with partitionKey on "id". This SDK works with
 // unpartitioned collections too but this example,
-// for semplicity sake, does not :)
+// for simplicity sake, does not :)
 fn main() {
     code().unwrap();
 }
@@ -70,7 +70,7 @@ fn code() -> Result<(), Box<Error>> {
 
     let client = Client::new(&core.handle(), authorization_token)?;
 
-    for i in 0..50 {
+    for i in 0..5 {
         let doc = MySampleStruct {
             id: &format!("unique_id{}", i),
             a_string: "Something here",

src/azure/core/mod.rs

@@ -1,4 +1,4 @@
-extern crate crypto;
+extern crate ring;
 extern crate hyper;
 extern crate url;
 

src/azure/cosmos/client.rs

@@ -33,9 +33,7 @@ use serde::Serialize;
 use serde_json::map::Map;
 use serde_json::Value;
 
-use crypto::hmac::Hmac;
-use crypto::mac::Mac;
-use crypto::sha2::Sha256;
+use ring::{hmac, digest::SHA256};
 
 use base64;
 use hyper;
@@ -1250,10 +1248,9 @@ fn generate_authorization(
 }
 
 fn encode_str_to_sign(str_to_sign: &str, authorization_token: &AuthorizationToken) -> String {
-    let mut hmac = Hmac::new(Sha256::new(), authorization_token.binary_form());
-    hmac.input(str_to_sign.as_bytes());
-
-    base64::encode(hmac.result().code())
+    let key = hmac::SigningKey::new(&SHA256, authorization_token.binary_form());
+    let sig = hmac::sign(&key, str_to_sign.as_bytes());
+    base64::encode(sig.as_ref())
 }
 
 fn string_to_sign(

src/azure/service_bus/event_hub/client.rs

@@ -6,15 +6,14 @@ use azure::service_bus::event_hub::send_event;
 
 use time::Duration;
 
-use crypto::hmac::Hmac;
-use crypto::sha2::Sha256;
+use ring::{hmac::SigningKey, digest::SHA256};
 
 pub struct Client {
     handle: tokio_core::reactor::Handle,
     namespace: String,
     event_hub: String,
     policy_name: String,
-    hmac: Hmac<Sha256>,
+    signing_key: SigningKey,
 }
 
 impl Client {
@@ -25,16 +24,14 @@ impl Client {
         policy_name: &str,
         key: &str,
     ) -> Client {
-        let mut v_hmac_key: Vec<u8> = Vec::new();
-        v_hmac_key.extend(key.as_bytes());
-        let hmac = Hmac::new(Sha256::new(), &v_hmac_key);
+        let signing_key = SigningKey::new(&SHA256, key.as_bytes());
 
         Client {
             handle: handle,
             namespace: namespace.to_owned(),
             event_hub: event_hub.to_owned(),
             policy_name: policy_name.to_owned(),
-            hmac: hmac,
+            signing_key,
         }
     }
 
@@ -49,7 +46,7 @@ impl Client {
                 &self.namespace,
                 &self.event_hub,
                 &self.policy_name,
-                &mut self.hmac,
+                &self.signing_key,
                 event_body,
                 duration,
             )
@@ -61,20 +58,20 @@ impl Client {
 mod test {
     #[allow(unused_imports)]
     use super::Client;
+    use ring::hmac;
 
     #[test]
     pub fn client_enc() {
         use base64;
-        use crypto::mac::Mac;
         use tokio_core::reactor::Core;
 
         let str_to_sign = "This must be secret!";
 
         let core = Core::new().unwrap();
-        let mut c = Client::new(core.handle(), "namespace", "event_hub", "policy", "key");
+        let c = Client::new(core.handle(), "namespace", "event_hub", "policy", "key");
 
-        c.hmac.input(str_to_sign.as_bytes());
-        let sig = base64::encode(c.hmac.result().code());
+        let sig = hmac::sign(&c.signing_key, str_to_sign.as_bytes());
+        let sig = base64::encode(sig.as_ref());
 
         assert_eq!(sig, "2UNXaoPpeJBAhh6qxmTqXyNzTpOflGO6IhxegeUQBcU=");
     }

src/azure/service_bus/event_hub/mod.rs

@@ -20,9 +20,7 @@ use std::ops::Add;
 use url::form_urlencoded::Serializer;
 use url::percent_encoding::utf8_percent_encode;
 
-use crypto::hmac::Hmac;
-use crypto::mac::Mac;
-use crypto::sha2::Sha256;
+use ring::hmac;
 
 mod client;
 pub use self::client::Client;
@@ -35,7 +33,7 @@ fn send_event_prepare(
     namespace: &str,
     event_hub: &str,
     policy_name: &str,
-    hmac: &mut Hmac<Sha256>,
+    signing_key: &hmac::SigningKey,
     event_body: &str,
     duration: Duration,
 ) -> Result<hyper::client::FutureResponse, AzureError> {
@@ -48,7 +46,7 @@ fn send_event_prepare(
     debug!("url == {:?}", url);
 
     // generate sas signature based on key name, key value, url and duration.
-    let sas = generate_signature(policy_name, hmac, &url.to_string(), duration);
+    let sas = generate_signature(policy_name, signing_key, &url.to_string(), duration);
     debug!("sas == {}", sas);
 
     let client = hyper::Client::configure()
@@ -73,7 +71,7 @@ fn send_event(
     namespace: &str,
     event_hub: &str,
     policy_name: &str,
-    hmac: &mut Hmac<Sha256>,
+    hmac: &hmac::SigningKey,
     event_body: &str,
     duration: Duration,
 ) -> impl Future<Item = (), Error = AzureError> {
@@ -94,7 +92,7 @@ fn send_event(
 
 fn generate_signature(
     policy_name: &str,
-    hmac: &mut Hmac<Sha256>,
+    signing_key: &hmac::SigningKey,
     url: &str,
     ttl: Duration,
 ) -> String {
@@ -107,10 +105,9 @@ fn generate_signature(
     let str_to_sign = format!("{}\n{}", url_encoded, expiry);
     debug!("str_to_sign == {:?}", str_to_sign);
 
-    hmac.reset();
-    hmac.input(str_to_sign.as_bytes());
+    let sig = hmac::sign(signing_key, str_to_sign.as_bytes());
     let sig = {
-        let sig = base64::encode(hmac.result().code());
+        let sig = base64::encode(sig.as_ref());
         debug!("sig == {}", sig);
         let mut ser = Serializer::new(String::new());
         ser.append_pair("sig", &sig);

src/azure/storage/rest_client.rs

@@ -3,9 +3,7 @@ use azure::core::lease::{LeaseAction, LeaseDuration, LeaseId, LeaseState, LeaseS
 use azure::core::range;
 use base64;
 use chrono;
-use crypto::hmac::Hmac;
-use crypto::mac::Mac;
-use crypto::sha2::Sha256;
+use ring::{hmac, digest::SHA256};
 use hyper;
 use hyper::header::{
     ContentEncoding, ContentLanguage, ContentLength, ContentType, Date, Header, Headers,
@@ -65,17 +63,13 @@ fn generate_authorization(
 }
 
 fn encode_str_to_sign(str_to_sign: &str, hmac_key: &str) -> String {
-    let mut v_hmac_key: Vec<u8> = Vec::new();
-
-    v_hmac_key.extend(base64::decode(hmac_key).unwrap());
-
-    let mut hmac = Hmac::new(Sha256::new(), &v_hmac_key);
-    hmac.input(str_to_sign.as_bytes());
+    let key = hmac::SigningKey::new(&SHA256, &base64::decode(hmac_key).unwrap());
+    let sig = hmac::sign(&key, str_to_sign.as_bytes());
 
     // let res = hmac.result();
     // println!("{:?}", res.code());
 
-    base64::encode(hmac.result().code())
+    base64::encode(sig.as_ref())
 }
 
 #[inline]

src/lib.rs

@@ -11,7 +11,7 @@ extern crate native_tls;
 extern crate tokio_core;
 
 extern crate base64;
-extern crate crypto;
+extern crate ring;
 extern crate time;
 #[macro_use]
 extern crate url;