From 87e27ec31d1ef86ff2449e2c0c3b8a5cb0f85222 Mon Sep 17 00:00:00 2001
From: Arun M <arun11299@gmail.com>
Date: Fri, 3 Nov 2017 09:57:12 +0530
Subject: [PATCH] HMAC algo added

---
 include/jwt/algorithm.hpp     | 233 ++++++++++++++++++++++++++++++++++
 include/jwt/jwt.hpp           |   3 +
 include/jwt/test/test_hmac    | Bin 0 -> 16764 bytes
 include/jwt/test/test_hmac.cc |  16 +++
 4 files changed, 252 insertions(+)
 create mode 100644 include/jwt/algorithm.hpp
 create mode 100755 include/jwt/test/test_hmac
 create mode 100644 include/jwt/test/test_hmac.cc

diff --git a/include/jwt/algorithm.hpp b/include/jwt/algorithm.hpp
new file mode 100644
index 0000000..f9904f4
--- /dev/null
+++ b/include/jwt/algorithm.hpp
@@ -0,0 +1,233 @@
+#ifndef CPP_JWT_ALGORITHM_HPP
+#define CPP_JWT_ALGORITHM_HPP
+
+#include <cassert>
+#include <system_error>
+
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/buffer.h>
+
+#include "jwt/string_view.hpp"
+
+namespace jwt {
+
+/// The result type of the signing function
+using sign_result_t = std::pair<std::string, std::error_code>;
+/// The result type of verification function
+using verify_result_t = std::pair<int, std::error_code>;
+/// The function pointer type of the signing function
+using sign_func_t   = sign_result_t (*) (string_view key, string_view data);
+
+namespace algo {
+
+//TODO: All these can be done using code generaion.
+// NO. NEVER. I hate Macros.
+// You can use templates too.
+// No. I would rather prefer explicit.
+// Ok. You win.
+
+/*!
+ */
+struct HS256
+{
+  const EVP_MD* operator()() noexcept
+  {
+    return EVP_sha256();
+  }
+};
+
+/*!
+ */
+struct HS384
+{
+  const EVP_MD* operator()() noexcept
+  {
+    return EVP_sha384();
+  }
+};
+
+/*!
+ */
+struct HS512
+{
+  const EVP_MD* operator()() noexcept
+  {
+    return EVP_sha512();
+  }
+};
+
+/*!
+ */
+struct NONE
+{
+  void operator()() noexcept
+  {
+    return;
+  }
+};
+
+/*!
+ */
+struct RS256
+{
+  static const int type = EVP_PKEY_RSA;
+
+  const EVP_MD* operator()() noexcept
+  {
+    return EVP_sha256();
+  }
+};
+
+/*!
+ */
+struct RS384
+{
+  static const int type = EVP_PKEY_RSA;
+
+  const EVP_MD* operator()() noexcept
+  {
+    return EVP_sha384();
+  }
+};
+
+/*!
+ */
+struct RS512
+{
+  static const int type = EVP_PKEY_RSA;
+
+  const EVP_MD* operator()() noexcept
+  {
+    return EVP_sha512();
+  }
+};
+
+/*!
+ */
+struct ES256
+{
+  static const int type = EVP_PKEY_EC;
+
+  const EVP_MD* operator()() noexcept
+  {
+    return EVP_sha256();
+  }
+};
+
+/*!
+ */
+struct ES384
+{
+  static const int type = EVP_PKEY_EC;
+
+  const EVP_MD* operator()() noexcept
+  {
+    return EVP_sha384();
+  }
+};
+
+/*!
+ */
+struct ES512
+{
+  static const int type = EVP_PKEY_EC;
+
+  const EVP_MD* operator()() noexcept
+  {
+    return EVP_sha512();
+  }
+};
+
+} //END Namespace algo
+
+
+/*!
+ */
+template <typename Hasher>
+struct HMACSign
+{
+  /// The type of Hashing algorithm
+  using hasher_type = Hasher;
+
+  /*!
+   */
+  static sign_result_t sign(string_view key, string_view data)
+  {
+    std::string sign;
+    sign.resize(EVP_MAX_MD_SIZE);
+    std::error_code ec{};
+
+    uint32_t len = 0;
+
+    unsigned char* res = HMAC(Hasher{}(),
+                              key.data(),
+                              key.length(),
+                              reinterpret_cast<const unsigned char*>(data.data()),
+                              data.length(),
+                              reinterpret_cast<unsigned char*>(&sign[0]),
+                              &len);
+
+    if (!res) {
+      //TODO: Set the appropriate error code
+    }
+    sign.resize(len);
+
+    return {std::move(sign), ec};
+  }
+
+  /*!
+   */
+  static verify_result_t 
+  verify(string_view key, string_view head, string_view sign)
+  {
+    int compare_res = 0;
+    std::error_code ec{};
+
+    return {compare_res, ec};
+  }
+
+};
+
+/*!
+ */
+template <>
+struct HMACSign<algo::NONE>
+{
+  using hasher_type = algo::NONE;
+
+  /*!
+   */
+  static sign_result_t sign(string_view key, string_view data)
+  {
+    std::string sign;
+    std::error_code ec{};
+
+    //TODO: Set the appropriate error code for none
+    return {sign, ec};
+  }
+
+  /*!
+   */
+  static verify_result_t
+  verify(string_view key, string_view head, string_view sign)
+  {
+    int compare_res = 0;
+    std::error_code ec{};
+
+    //TODO: Set the appropriate error code for none
+    return {compare_res, ec};
+  }
+
+};
+
+
+/*!
+ */
+
+
+} // END namespace jwt
+
+
+#endif
diff --git a/include/jwt/jwt.hpp b/include/jwt/jwt.hpp
index 884dbf0..9ec6efc 100644
--- a/include/jwt/jwt.hpp
+++ b/include/jwt/jwt.hpp
@@ -149,6 +149,9 @@ struct write_interface
 };
 
 /*!
+ * Provides the functionality for doing
+ * base64 encoding and decoding from the
+ * json string.
  */
 template <typename Derived>
 struct base64_enc_dec
diff --git a/include/jwt/test/test_hmac b/include/jwt/test/test_hmac
new file mode 100755
index 0000000000000000000000000000000000000000..e2518551bce2b2213f1153f6f9f8e45f2343a301
GIT binary patch
literal 16764
zcmeHOeQ;dWb$@FCmibyiAh_hi3)o=3jAUCz4uQ(p51#Qyg=HvVFwd*i+FEDz;oX%j
zQ$%*Lx3kYL3u0Pz+?XcnWSVN)G*zaEaXQE&Vi&1y8&t{=H)V>-kj_)aOcjPEDy68u
z-?{g#c2_br4u52(dZT;KJ?EZ#?z!jQd+xbc(yJf5`_V$f2vitGdVygWS0dG4WEk1>
zbtoCeZy;Gnw%xGqe)Cat+i#It`UOhSIWfxVLI<|J-F#$wDT}lZmC_82LpS3>Btm|+
zor-p)R9WGr@)|f8RJd0u9^x0wuoFoaqqdz)bv7jnq;mb<{G5{an&$9vzd@yz2b0OC
z<k>CJct<n=O1Zp&&ntPSH9v9Mz3|P_Z+9eON4p}?j+C7WH<ioFeL=~4Oiu#w5_tu|
zs$koZWGWGB+pX#4^4|HPlD9<H6EFVCW!rXV+x}QvvmI;O)egpTc^5zsRXeGL5HFWe
zEZ?@HE%vTNxHYP%<?=?gygJ>8IM(i2Kd!qvC}7(g)@@%`#1>L|8C9AFTt1C+y-}_&
z+qT={cJe@LQ+wR*NF~lH&lhKeX4+CN*T)Sk=+Cxyw-+trS@NnvO25ULpSZ6JNtCyY
z1^wA}Jp6I`Ee~mVoD6)#i{){=%UPknnSH-`<JL{)hK>H7t=4u6X-44up1eXq%F$g2
z;d=NLVL?_2N+n>6VwJoDcp8dKu2O!6YlCBcWVK=7$2f_JK8A*upxl7OkGe5Ye{3J&
z2bl9aa;ITznxp1&&_YO;BHhuMOxzKVHQmvCAl?j|AGW>7z3%P<<L`Xqo_i15Ki|LP
zpMLNcOF^$9!^Ia%y2Zyy!v`Ctseca#TlBFX3`JyejFpR2D)f#1lgaps>J@8O)UALb
zu_kGKF6|<T10AXM(xz+&(-!)J_XQT187n%7+<NPZ8r@fUKZY@MK{<cpfn+M$y5im<
z^^6-KmG-E^WQ724);Q<y|Ks<N<^0sjoaw{Zt$gj%*AR4%dwZ`E{D8v8yfAUMbKG*f
zJ<I9tvz*Q&z{h}}2Hpcahlc%D9`yV}Id3Z(Owgd9=DZamuKS3$Oyt~sAC??g`@J2+
zoovVS^t9r3rEEFol$F2iKd?J3XUimdnVSAb@U{4SzUY20s6>x>r#>T{je9S%kU7aA
z?Kr{i9W*u5PX0->_P(vyj(FcdVd83~VSfqBONwR8+ph}aUK<N;ciLNm-ge<z5nOTz
zO$|frckoQri1{H=@4FvOPuC1v2TxY*IMIX8uZNMQU?dp|3^(arO_9PjTVCeOPV70$
zferF45NJ91G=Zytlg}wkfRpb5w%N@JaI!}fCcw$|DNKNq?PohDKTO~%;N(XYCcw#$
zDNKNqKL%_h`vP)~4l@v9wbQ#;z+jbtp-O<v5V`2$f(LI$?n*1?Wy|fQ5NqUuQxu`d
z7t-ZA!ZC3Ivts45Eh5VFtPyj(9<^L)KVZT6QO#@KR}kmPoa>3tT8bU^G$&=XxaQOd
zxJ5|=mEHqrV&#Xb$>`=uvYd65BiRiok<a@R908U)q{fh)`X99UW(jGMq~}0#eh5Ae
z+37t)+J42RjF25CX%9(-+3Mn$Mr0|AN^V{#&X%<0A~{=f7+y{`j?2x{jm^}3B>3Vr
znYU?~%m>oS$)1L2%-0w|@X#F~T5gsIMm!2hqmYCxh~#WJ4T!X{3jCvBnYg=zy${uW
zVCx6$2OIz#ure>RJD|sa9s?W(9M%%h7X?`rdP`=9rRQ-gpQjBirxI47*(`UErgFtN
zur&>W^+@G6W0e7T8TeeRo?|Hc`<!Kv>L@BRM8H7@vy2iZLdY<ATol}z*_|xpA4BeK
zhp36~LvJh^Sp@~F(>tJh1$ryNjFsvM$d3!io+fa!LWH7%4GPi88f@<5r-XBGQgI5=
z)x><I>OlbZf@-i>5e0Jx1#|M%Qa89<)d}V*%o(f`q6YU^&RWZTs?u@}z@GaseS51g
z2x;i#8&rD%PW};v32^c|6(+#RTfnfmk;8Pf^#JUf86u&0Qxca=N&cBlNwVIQEUHcE
zX2l3jwu-#22GFvXvMuL<#g<zS#qSO2sT#@N2CH#NdEZ08f+itaF>{jc48GVM;yijk
zL0!536#ob}?=50O@r%JF8?=AToMDV+IYVMOXHc0_VXnfQ!Fo|r0cTK#=PKX~Dl=x4
z8MDfa3Seoe!4U*stjzoy)zAEwGUAY$hQSak{S8P28?Xmk1zUH^5x^sWYKN%}xEL%G
zym`_D!Y)Ubzc`(I2Z^o%j&cs#M-;YX8gkQ+n*+>YT~a2*32@AQ93n_rF@<AdJ0m$}
z**=DcfR_lqctxpS8LUz|RRR=-MFbK&wD8dFB;X|A6d=+@%yZrV%Y=4Antcq_V_-WC
zh)7_|IN&%seEEZb6*;BbKu<Qs{EIzZ-Tx20%?RVLJUF{MP882~4{hgk!zH2bAiDRg
zz^fpPzhb_1u>>M{b_)`Ry`|r~jgnlLMMhBjZjkLqydcSr*(Xltu=y6W>*Jtu<}WSx
zA;?~dJy#bz-u+9b`+3Xx@dnof=<M0xyn_0k>DO}RvlEQ1t$g>G1PP<gmXqH52=C#s
zN0oe3d2cJqz+v;*;PFXsP@&M@OncueAlWW4@)X9*5h6q=i4VB`O){6Qf5aDs{qfM8
z_0>`@@kJ*_)jerB_gI-%7}Q&t?nwZcq0<W<TEY_Qy}!eK0NRafcWjOWIX!V1s%wVf
zATXnT4W||>A^@$bcbuRRMw~6Ld)I??*KGYO=G3ps`)AePly?e+viOOy5yozf@HS>x
zBlpW?ge$_2uR<K3SF2=9`kGBbrBFeoGv2eXE~BaP_{^8@F5GeAW9#p))C{HZUFJ+$
z`5#NBPy3kOI$6`o$K+*cdw;t~$0<0RWUV{O>9_(8SLX5y(dclNd4C|7<x|nbAHqR{
zUpA#Hj+`f+bfsOsc2Wvc;WD;Xi}bHfXaCr{!g9A^uV9i&yow)rxEq(txvjlrRtDr&
zstq=ZB><md_Pbq`mNUqM&>4CkxtnFaYyisM9YPk&UW**Nx}F+TWW^AUoT?MNsQNXE
z1Wcc|iaoFF)~ovF286=zA&5|fdo1^BAbf=NdJH=qTPUjz@4Pyvd&i&))Efoxrg=kf
zC4_aq&n<;L|5MNkwtZ8nLuRgaxQ~!>AK0@~U{p&fZ;qiBuCMk5E?)?FgMyvxFxm-=
z_zoR0&*?sfUXm{0L9(heH~@n9kzSVIO0s`RX}3~K-bm<4=vKV%$RNy77r2Vpo&57;
zy^^br9EZShSegfqkHU>|IL@;iFN{mX%@N6+%Jm)v1`aN!!&xF5q>0QXPHr)!E2cz<
zMpJq*S=(}b(ALOS%F2?91s0NE{uz_us{mHOTdH$4XGIIBXT<zES2fmA4+hycVm`0Y
zKDQxs@YIELA8&Za@gO9<sq8tlkU%elo}K*XkxzWdr}aTgZ4r=gg`jaT>!e$1<3USl
znPp3FBZR{Sq<CRfR(j5yB-tE?zS7si;~O$;DQuaO-0nM0XltmQ{ht`c#80Rl<Ix#4
zy^DMqid}d63$QC!nLosy-v0nc?UH)s&oXDm(ZPlsHk?c)Rx=kGqSa#p@?0>R)paeG
z{ZrC1!pPwVv$#3>^A1%whZFnp_yP6V4u%n7H$%Ey20`y99oGq|)}VedC_RcI;4a|~
zK7$uo$~vNCN!86b5M(t>V0*wpOFNXvCn^{BNy|cC0<r|3`5nbLssxI1Zm)2a#?Vf$
za)Byj60fuqZecNuj+LuomJz%I+$ED2JjAD7=t8;d2)alY+9b{Js%lCyLmUKIg3s*Y
z#X6tuP`Z$QxK|8}n+W?+k$bN94(U|UT#4onE1GubD&Wrb-mmx?q^*uDwVN&r&|8F4
zIc+}x)bZ&^@VE%_;_4*O+Ue1BsV)Q{oWRCPV`Jsu#&Qf*0I|{JIR-b#&z44d`A0ZV
z=nPPZ^oY>^;9SQVnezr|fyKW;YW6-IJM{zhqZvZZkGnxq0%k-294}U7k5GD*Mu@!}
z-rNyc;O1_*)i?%rs=#HaUi2G5YgHPo6T&N&a|&XJ$YW473d(!v*(U*ugZ%^#SzHlk
zTO1>Dp~N0ECT<~Ley9VDWM{XqkZ(rr{R|8fw<A;R(u?BsUIo<^AqTyHBiEkbq4y|{
zT-p=(+wmBLS+X5-ES-I82xDPuRLYu?pc|fHicMYZnJaN%!&-xeEDcrXocq?;Sfpb=
z<vQx7HzEf$M}VFtr9%r|Lf@0~p0I*aveAHzu_AMlPEBrkw4wJt#Hjet>Hg5^oN_xq
zysL96`1`|41Hl)E5oZ<R{bLx#G-BcDW%t32O)s+~e?aohl5dr~LGo>qZ<qXG$sdvY
zQOO^Z{Bg;5O5P-Sv*f!ZZ;^bD<Z;Q{B=3+sA$dyjeUf)c{)FUDO8%7OY000K{E+0o
zD|t@x!^jO|bN&ktVpFecoL;sLu&0H@iGRm{Tj<6o-ef7n(rYYjWoeY9BumFx`Wu#B
zVCfnz$UkE#!cregf6US!u*93|#MfE62~KX}X_oe|M9<OkEK6-HeV3(Xmd>#BC`&;)
zOFFTZn^?M!CF(ozWtP6e(n^*(SXz$K^wFCuZrTLR@a|=dBN<efu|WmYF#a4Vha}(h
z(dUhdYcB)+M@W}Igz+!v`7$J34_Pd2P`D~=26BW1Mm9DJ{HBjyU2z$^VNkIbDZuVD
z9hW_!F9j^nGnsVSsOV$|tp6&yzwpOsv<S%8h`bBraUc&vpNf}|_4zfAq526R^1T6s
z0<Pq|z76Cz72Pnd1BL2*neawrH~KYDqubX{kMTORl#c}})k}hf>^q7RmW)Oc(Uj5H
z-Wm-h!fnm%t)b>{Djf2E5lTM(9*Oo_ibQ<5#x?q2D1_fXEmXfnsRxn22j<s>L^^-(
zI$miQFA(Cg{5oJ2=MsnNB;aDe4!odN0}g){ztaMwqL&&${C-_D4b%hl1dKo$5fFZV
z6iCCQ!;6eSJ+5gxFE$pW0sAgC0^@+8ON>BA&<O0r13EwI&#&T%hRxfIKv&hmqbAU*
zs!JDELZ+eFP%pIspDvBgAsfKhs3pflIEI_8K#g;Z#AyS<YK)bzLBj#qOZYYH(fqWD
z(5n=j^r4nNjDfNKl!mWs_^%pz8osCDhZ<f4`?Fn@hSzGiRKpb-)@gXJhMP5fSi_wf
z?$I!%;Zqu-i}`Qf0`nG_x4^sw<}EO9fq4teTVUP-^A?!5z`O<KE%0k^fh(?GzVilX
z`I&m#espVNYL#u*td6vIrcC3(L{(1_wKkGE&=K7jF;~W#O@lS|?yfEyf99TSZwtp`
zsRQ=DYNO|>dj1uy{8hc(gg*?&U%{tO^MQ+BpeNB6xU$|hA8xRdE#Z~5Yw#MC=qJhA
zvTi+*fq+tFlhS2Pygd?*N7r^HqxP<FB$_g}ZEdW!l@3PYSSfd1tUYNrg_F@WyQ3+z
zH1|>Dux3&cYgU3G7J-KRGx&{>t&Mg~O{689uv3X}ES1CvP0-ec<Lo-so*=<oW8*K}
zV=1#WLW!fFhQvfP8G9nCC60Xx5;xSS@t!V~wMvb*9RrSrTjw6IxvB$GE@K-%kJh!j
z;+@GB)w_2d?bjruZK=e8^)=?U##J^gJbC_7d^1dyil|M>pD){()9CK@!~vykdO`8Z
z*Q?E!kSnPyEUs19B*|zB3$3{+ma_4pXh+)Hk}<4x8xM^wiT3?Uc+cGJYa{V!IAQML
zIFBfn#?;zWG|?JsgL1NF`-E;sy25r-ba$+cYDZewqJO3)%AS4tz=Er=Cm&M(jj=77
z?8LuNfc+TBnEH6M4JaPPY`m>5u#KwLaIDQ(Z!BnS!M~S8Bb})z{%a-7{raUxYiiY+
zX=x2d@DDf1)IQ@LzK&KHW0xbt<K5Wh!wW*ylZ!%=6_bHbD2)`V4~51mK?0+^rG7Dx
zHvD%(KJF6t-v|Fl<NiD1X^l_ncfU<|yc2%BrScu`IgO9$_rafQ+<z~85bBZNf1i9t
z<NiD23mPBL?~Z@3@iC1r#A7VmPilOL#{GB9$2IQ1XMRiL{`;kYXKJ?R+b;Fx?>mV5
z@1Eb%_?UkG90q<l65ox<|C+}6eoXuwjq@Fu_%Afh_hjOg7pnGrS0?^Bjq`n(_zI2l
zotgML;6W7p|Bw1@!C_2%tpBR6@6qqKdx3)vE2*!$3_qxFXr;d2Q#h=mzP~QRPnY30
z;Efyd3;b<m_+ORbKP$s;z?*w<`=&Ddn`QV*W%xgo;rt_)VtM~vhObt3Dd^i!hKI}W
zR2iNv!;dPwV83sd;j|)DkO{zZzx@9T^poG1V2jBATwtjhXlC$FgkW9+CK7|<3EaT4
zF_s{Okgh|z9_a?8rAW(=ZbZ5XX*trZNVg%~j<f=af00;?gr#GwL|TP}ul{Caw;<IJ
z!}sf=U&vtWvTD!%RLz~mXS=;G7TwSDPNJGwhrEg7reRa0(728vNMmew+eRG!tHbf#
z?X^}TLKM?nodlIZ!6%b%HrCk%>7T5roIo=XSsYQxxy30AkL;SVBY(TSz1lX-#<ljg
zO{^}BfEw4>jd$AHYrrAe>L3t@OMLEL&5!NmPBmsNr6U|m(4J*|p6h7XvO1bbv?p-H
zHb+gf%rL7zb@?lCbf4#PT3J|5bFa8HID>bmS~Qm(iHF;E<NS`tam4Dg|2(_iP^@*)
z(v8IRXf}QF-Laa#BR&7-{$Q0gl|fdnwr#|jHlyuu1cOExwYM|c7QwZGGhH5r|6dEO
zVN>I3yR~T1)*wvp2scYehC2-UI-6j2w^oP5O`W^!7_^aK-`^{1Y>|#Fj2~{QLilH*
z)8anMw63X%?!{dJ|E-Jbk{OGA4C|_B`z~1c{`KpN{=+vOt)4|$Ig3&|i?VhWrDoM^
z(wf<%JE`Fu5ua_(4h?OI8jJ65>f%-&cyb4w!ws&8tzh1ns~c<ePAc_Sb1oK4(b?~8
zzp|*A%i6Chs?39x`|3Hz=3mc>`Yv<vb2ls8%RXttvJ2UHHZLFQ99OUz$@<k{hEV$8
wFheiCq|HzZ>*w5VXLB?xT+2{bdLP46NBKoelV)yUb3cdpH?LW5B8;E@7c~+?K>z>%

literal 0
HcmV?d00001

diff --git a/include/jwt/test/test_hmac.cc b/include/jwt/test/test_hmac.cc
new file mode 100644
index 0000000..a4f485a
--- /dev/null
+++ b/include/jwt/test/test_hmac.cc
@@ -0,0 +1,16 @@
+#include <iostream>
+#include "jwt/algorithm.hpp"
+
+void basic_hmac_test()
+{
+  jwt::string_view sv = "secret" ;
+  jwt::string_view d = "Some random data string";
+  auto res = jwt::HMACSign<jwt::algo::HS256>::sign(sv, d);
+
+  std::cout << res.first << std::endl;
+}
+
+int main() {
+  basic_hmac_test();
+  return 0;
+}