From 06373cfba5fa70ca41ebc032bb7747ca989473df Mon Sep 17 00:00:00 2001
From: catch <catch@35733.no-reply.drupal.org>
Date: Fri, 30 Dec 2011 15:57:22 +0900
Subject: [PATCH] Issue #448162 by c960657, recidive, sun: Use hash extension
 in _openid_hmac().

---
 core/modules/openid/openid.inc | 21 +--------------------
 1 file changed, 1 insertion(+), 20 deletions(-)

diff --git a/core/modules/openid/openid.inc b/core/modules/openid/openid.inc
index a0549ee4ef80..f38b22e8db65 100644
--- a/core/modules/openid/openid.inc
+++ b/core/modules/openid/openid.inc
@@ -24,11 +24,6 @@
  */
 const OPENID_DH_DEFAULT_GEN = '2';
 
-/**
- * SHA-1 hash block size; used for Diffie-Hellman key exchange computations.
- */
-const OPENID_SHA1_BLOCKSIZE = 64;
-
 /**
  * Random number generator; used for Diffie-Hellman key exchange computations.
  */
@@ -414,25 +409,11 @@ function _openid_signature($association, $message_array, $keys_to_sign) {
 
   $message = _openid_create_message($sign_data);
   $secret = base64_decode($association->mac_key);
-  $signature = _openid_hmac($secret, $message);
+  $signature = hash_hmac('sha1', $message, $secret, TRUE);
 
   return base64_encode($signature);
 }
 
-function _openid_hmac($key, $text) {
-  if (strlen($key) > OPENID_SHA1_BLOCKSIZE) {
-    $key = sha1($key, TRUE);
-  }
-
-  $key = str_pad($key, OPENID_SHA1_BLOCKSIZE, chr(0x00));
-  $ipad = str_repeat(chr(0x36), OPENID_SHA1_BLOCKSIZE);
-  $opad = str_repeat(chr(0x5c), OPENID_SHA1_BLOCKSIZE);
-  $hash1 = sha1(($key ^ $ipad) . $text, TRUE);
-  $hmac = sha1(($key ^ $opad) . $hash1, TRUE);
-
-  return $hmac;
-}
-
 function _openid_dh_base64_to_long($str) {
   $b64 = base64_decode($str);
 
-- 
GitLab