From 294d7906ed19349e3cf6b4405266d9fab433f866 Mon Sep 17 00:00:00 2001
From: mom040267
Date: Thu, 28 Aug 2014 15:01:51 +0000
Subject: [PATCH] working on oauth
---
 src/apps/relay/dbdrivers/dbdriver.c | 18 +++++-----
 src/client/ns_turn_msg.c | 56 +++++++++++++++--------------
 src/client/ns_turn_msg_defs_new.h | 3 +-
 3 files changed, 40 insertions(+), 37 deletions(-)
diff --git a/src/apps/relay/dbdrivers/dbdriver.c b/src/apps/relay/dbdrivers/dbdriver.c
index 4f84901..9344ecc 100644
--- a/src/apps/relay/dbdrivers/dbdriver.c
+++ b/src/apps/relay/dbdrivers/dbdriver.c
@@ -105,7 +105,7 @@ void convert_oauth_key_data_raw(const oauth_key_data_raw *raw, oauth_key_data *o
 ns_bcopy(raw->hkdf_hash_func,oakd->hkdf_hash_func,sizeof(oakd->hkdf_hash_func));
 ns_bcopy(raw->kid,oakd->kid,sizeof(oakd->kid));
- {
+ if(raw->ikm_key[0]) {
 size_t ikm_key_size = 0;
 char *ikm_key = base64_encode((const unsigned char *)(raw->ikm_key),strlen(raw->ikm_key),&ikm_key_size);
 if(ikm_key) {
@@ -115,7 +115,7 @@ void convert_oauth_key_data_raw(const oauth_key_data_raw *raw, oauth_key_data *o
 }
 }
- {
+ if(raw->as_rs_key[0]) {
 size_t as_rs_key_size = 0;
 char *as_rs_key = base64_encode((const unsigned char *)(raw->as_rs_key),strlen(raw->as_rs_key),&as_rs_key_size);
 if(as_rs_key) {
@@ -125,13 +125,13 @@ void convert_oauth_key_data_raw(const oauth_key_data_raw *raw, oauth_key_data *o
 }
 }
- {
- size_t as_rs_key_size = 0;
- char *as_rs_key = base64_encode((const unsigned char *)(raw->as_rs_key),strlen(raw->as_rs_key),&as_rs_key_size);
- if(as_rs_key) {
- ns_bcopy(as_rs_key,oakd->as_rs_key,as_rs_key_size);
- oakd->as_rs_key_size = as_rs_key_size;
- turn_free(as_rs_key,as_rs_key_size);
+ if(raw->auth_key[0]) {
+ size_t auth_key_size = 0;
+ char *auth_key = base64_encode((const unsigned char *)(raw->auth_key),strlen(raw->auth_key),&auth_key_size);
+ if(auth_key) {
+ ns_bcopy(auth_key,oakd->auth_key,auth_key_size);
+ oakd->auth_key_size = auth_key_size;
+ turn_free(auth_key,auth_key_size);
 }
 }
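Review bot: In the third hunk (@@ -125,13) the new auth_key block runs `ns_bcopy(auth_key,oakd->auth_key,auth_key_size)` without comparing `auth_key_size` with the size of the destination. base64_encode() returns more bytes than it is given, so if `oakd->auth_key` is a fixed-size array (its declaration is not on this page) a long `raw->auth_key` would be written past its end. I would wrap the copy and the size assignment in `if(auth_key_size <= sizeof(oakd->auth_key)) { ... }` and keep `turn_free(auth_key,auth_key_size);` unconditional, so an oversized key leaves `oakd->auth_key_size` at zero. The ikm_key and as_rs_key blocks guarded in the first two hunks look like the same pattern, but their copy lines lie outside those hunks.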
diff --git a/src/client/ns_turn_msg.c b/src/client/ns_turn_msg.c
index 85229b8..ae06f33 100644
--- a/src/client/ns_turn_msg.c
+++ b/src/client/ns_turn_msg.c
@@ -1751,10 +1751,7 @@ int convert_oauth_key_data(oauth_key_data *oakd, oauth_key *key, char *err_msg,
 return -1;
 }
 if(!(oakd->auth_key_size)) {
- if(err_msg) {
- snprintf(err_msg,err_msg_size,"AUTH key is not defined");
- }
- return -1;
+ //AEAD ?
 }
 }
@@ -1804,6 +1801,21 @@ int convert_oauth_key_data(oauth_key_data *oakd, oauth_key *key, char *err_msg,
 return -1;
 }
+ key->auth_alg = AUTH_ALG_DEFAULT;
+ if(!strcmp(oakd->auth_alg,"HMAC-SHA-1") || !strcmp(oakd->auth_alg,"HMAC-SHA1")) {
+ key->auth_alg = AUTH_ALG_HMAC_SHA_1;
+ } else if(!strcmp(oakd->auth_alg,"HMAC-SHA-256")) {
+ key->auth_alg = AUTH_ALG_HMAC_SHA_256;
+ } else if(!strcmp(oakd->auth_alg,"HMAC-SHA-256-128")) {
+ key->auth_alg = AUTH_ALG_HMAC_SHA_256_128;
+ } else if(oakd->auth_alg[0]) {
+ if(err_msg) {
+ snprintf(err_msg,err_msg_size,"Wrong oAuth token hash algorithm: %s",oakd->auth_alg);
+ }
+ key->auth_alg = AUTH_ALG_ERROR;
+ return -1;
+ }
+
 key->as_rs_alg = ENC_ALG_DEFAULT;
 if(!strcmp(oakd->as_rs_alg,"AES-128-CBC")) {
 key->as_rs_alg = AES_128_CBC;
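Review bot: In the first hunk (@@ -1751,10) the `if(!(oakd->auth_key_size))` test now has an empty body holding only `//AEAD ?`, so a key record without an auth key passes this validation whatever encryption algorithm is configured. The removed lines rejected that case with "AUTH key is not defined"; accepting it is only sound when the token cipher authenticates the data itself, and nothing visible here checks that. Until such a check exists I would keep the rejection, or at least replace the placeholder with a comment that states the rule, e.g. `/* a missing auth key is acceptable only with an AEAD as_rs_alg; TODO: enforce */`. The enclosing condition starts above the hunk, so the exact case being guarded is inferred.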
@@ -1816,32 +1828,22 @@ int convert_oauth_key_data(oauth_key_data *oakd, oauth_key *key, char *err_msg,
 return -1;
 }
- key->auth_alg = AUTH_ALG_DEFAULT;
- if(!strcmp(oakd->auth_alg,"HMAC-SHA-1") || !strcmp(oakd->auth_alg,"HMAC-SHA1")) {
- key->auth_alg = AUTH_ALG_HMAC_SHA_1;
- } else if(!strcmp(oakd->auth_alg,"HMAC-SHA-256")) {
- key->auth_alg = AUTH_ALG_HMAC_SHA_256;
- } else if(!strcmp(oakd->auth_alg,"HMAC-SHA-256-128")) {
- key->auth_alg = AUTH_ALG_HMAC_SHA_256_128;
- } else if(oakd->auth_alg[0]) {
- if(err_msg) {
- snprintf(err_msg,err_msg_size,"Wrong oAuth token hash algorithm: %s",oakd->auth_alg);
+ if(key->auth_alg == AUTH_ALG_UNDEFINED) {
+ //AEAD
+ key->auth_key_size = 0;
+ key->auth_key[0] = 0;
+ } else if(!(key->auth_key_size)) {
+ key->auth_key_size = calculate_auth_key_length(key->auth_alg);
+ if(calculate_key(key->ikm_key,key->ikm_key_size,key->auth_key,key->auth_key_size,key->hkdf_hash_func,err_msg,err_msg_size)<0) {
+ return -1;
 }
- return -1;
 }
- }
- if(!(key->auth_key_size)) {
- key->auth_key_size = calculate_auth_key_length(key->auth_alg);
- if(calculate_key(key->ikm_key,key->ikm_key_size,key->auth_key,key->auth_key_size,key->hkdf_hash_func,err_msg,err_msg_size)<0) {
- return -1;
- }
- }
-
- if(!(key->as_rs_key_size)) {
- key->as_rs_key_size = calculate_enc_key_length(key->as_rs_alg);
- if(calculate_key(key->ikm_key,key->ikm_key_size,key->as_rs_key,key->as_rs_key_size,key->hkdf_hash_func,err_msg,err_msg_size)<0) {
- return -1;
+ if(!(key->as_rs_key_size)) {
+ key->as_rs_key_size = calculate_enc_key_length(key->as_rs_alg);
+ if(calculate_key(key->ikm_key,key->ikm_key_size,key->as_rs_key,key->as_rs_key_size,key->hkdf_hash_func,err_msg,err_msg_size)<0) {
+ return -1;
+ }
 }
 }
diff --git a/src/client/ns_turn_msg_defs_new.h b/src/client/ns_turn_msg_defs_new.h
index 22e1090..f16a894 100644
--- a/src/client/ns_turn_msg_defs_new.h
+++ b/src/client/ns_turn_msg_defs_new.h
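Review bot: The new `if(key->auth_alg == AUTH_ALG_UNDEFINED)` branch looks unreachable from the code on this page: the block added in the previous hunk (@@ -1804,6) sets `key->auth_alg = AUTH_ALG_DEFAULT` before parsing and afterwards only assigns an HMAC value or returns, so an empty `oakd->auth_alg` selects the default HMAC rather than "no auth" (unless the unseen lines between the two hunks change it). A record with no auth key therefore reaches `else if(!(key->auth_key_size))` and gets a key derived by calculate_key() from `key->ikm_key`. Now that the "AUTH key is not defined" rejection is gone, it is worth confirming `key->ikm_key_size` cannot be zero on that path, since deriving from empty keying material would presumably yield a predictable key. Please decide which value an empty algorithm string maps to and state it in a comment above the parsing chain. The block these lines sit in opens outside the hunk.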
@@ -84,7 +84,8 @@ typedef enum _ENC_ALG ENC_ALG;
 enum _AUTH_ALG {
 AUTH_ALG_ERROR = -1,
- AUTH_ALG_DEFAULT = 0,
+ AUTH_ALG_UNDEFINED = 0,
+ AUTH_ALG_DEFAULT = 1,
 AUTH_ALG_HMAC_SHA_256_128 = AUTH_ALG_DEFAULT,
 AUTH_ALG_HMAC_SHA_1,
 AUTH_ALG_HMAC_SHA_256
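Review bot: Inserting `AUTH_ALG_UNDEFINED = 0` moves every existing constant up by one (`AUTH_ALG_DEFAULT` and `AUTH_ALG_HMAC_SHA_256_128` become 1, and the two that follow shift as well), so a zero-initialised `auth_alg` field now means "undefined" where it used to mean the default HMAC. In convert_oauth_key_data() that value selects the branch that clears the auth key, so an `oauth_key` that is zero-filled and never passed through the parsing chain would be treated as having no MAC; the callers are not visible here, so this needs checking, as does anything that stores or compares the numeric values. I would document the new member where it is declared, e.g. `AUTH_ALG_UNDEFINED = 0, /* no separate MAC: valid only with an AEAD as_rs_alg */`. The enum's closing brace is outside the hunk.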