Auto merge of #400 - ecstatic-morse:minimal-hmac, r=pietroalbini

Use rust libraries instead of OpenSSL for HMAC Installing OpenSSL requires some work (mostly on Windows), but we use it only for a SHA-1 HMAC. Instead use digest/hmac/sha-1, which are much lighter weight.
rust-lang · Feb 18, 2019 · 73b026c · 73b026c
2 parents bb2449b + 02b47fa
commit 73b026c
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 24 deletions.
diff --git a/.appveyor.yml b/.appveyor.yml
@@ -14,7 +14,6 @@ cache:
 install:
   - appveyor-retry appveyor DownloadFile https://win.rustup.rs/ -FileName rustup-init.exe
   - rustup-init.exe -y --default-toolchain %CHANNEL% --default-host %TARGET%
-  - set OPENSSL_DIR=C:\OpenSSL-v111-Win64
   - set PATH=%PATH%;C:\Users\appveyor\.cargo\bin
   - rustc -V
   - cargo -V

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -62,7 +62,8 @@ warp = "0.1.9"
 winapi = "0.3"
 log = "0.4.6"
 env_logger = "0.6.0"
-openssl = "0.10.16"
+hmac = "0.7"
+sha-1 = "0.8"
 rust_team_data = { git = "https://github.com/rust-lang/team" }
 
 [dev-dependencies]

diff --git a/src/server/routes/webhooks/mod.rs b/src/server/routes/webhooks/mod.rs
@@ -7,9 +7,9 @@ use crate::server::messages::Message;
 use crate::server::routes::webhooks::args::Command;
 use crate::server::Data;
 use bytes::buf::Buf;
+use hmac::{Hmac, Mac};
 use http::{HeaderMap, Response, StatusCode};
 use hyper::Body;
-use openssl::{hash::MessageDigest, pkey::PKey, sign::Signer};
 use serde_json;
 use std::str::FromStr;
 use std::sync::Arc;
@@ -131,14 +131,7 @@ fn process_command(
 }
 
 fn verify_signature(secret: &str, payload: &[u8], raw_signature: &str) -> bool {
-    macro_rules! try_false {
-        ($expr:expr) => {
-            match $expr {
-                Ok(res) => res,
-                Err(_) => return false,
-            }
-        };
-    };
+    type HmacSha1 = Hmac<sha1::Sha1>;
 
     // The signature must have a =
     if !raw_signature.contains('=') {
@@ -163,19 +156,15 @@ fn verify_signature(secret: &str, payload: &[u8], raw_signature: &str) -> bool {
         return false;
     };
 
-    // Get the correct digest
-    let digest = match *algorithm {
-        "sha1" => MessageDigest::sha1(),
-        // Unknown digest, return false
-        _ => return false,
-    };
+    // Only SHA-1 is supported
+    if *algorithm != "sha1" {
+        return false;
+    }
 
-    // Verify the HMAC using OpenSSL
-    let key = try_false!(PKey::hmac(secret.as_bytes()));
-    let mut signer = try_false!(Signer::new(digest, &key));
-    try_false!(signer.update(payload));
-    let hmac = try_false!(signer.sign_to_vec());
-    openssl::memcmp::eq(&hmac, &signature)
+    // Verify the HMAC signature
+    let mut mac = HmacSha1::new_varkey(secret.as_bytes()).unwrap();
+    mac.input(payload);
+    mac.verify(&signature).is_ok()
 }
 
 fn receive_endpoint(data: Arc<Data>, headers: HeaderMap, body: FullBody) -> Fallible<()> {