From 4a94ac3fe7680495c6b90315033cc2439e7e92bf Mon Sep 17 00:00:00 2001
From: Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
Date: Thu, 17 Jan 2019 23:40:46 +0100
Subject: [PATCH] Switch to RustCrypto for Hmac.

---
 sasl/Cargo.toml          |  1 +
 sasl/src/common/scram.rs | 25 +++++++++++++++----------
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/sasl/Cargo.toml b/sasl/Cargo.toml
index 8fc9bfc5..663b1031 100644
--- a/sasl/Cargo.toml
+++ b/sasl/Cargo.toml
@@ -22,6 +22,7 @@ scram = ["openssl"]
 base64 = "0.10"
 sha-1 = "0.8"
 sha2 = "0.8"
+hmac = "0.7"
 
 [dependencies.openssl]
 version = "0.10.7"
diff --git a/sasl/src/common/scram.rs b/sasl/src/common/scram.rs
index e087fb39..6d15322a 100644
--- a/sasl/src/common/scram.rs
+++ b/sasl/src/common/scram.rs
@@ -1,11 +1,10 @@
 use openssl::pkcs5::pbkdf2_hmac;
 use openssl::hash::MessageDigest;
-use openssl::sign::Signer;
-use openssl::pkey::PKey;
 use openssl::rand::rand_bytes;
 use openssl::error::ErrorStack;
 use sha1::{Sha1 as Sha1_hash, Digest};
 use sha2::Sha256 as Sha256_hash;
+use hmac::{Hmac, Mac};
 
 use crate::common::Password;
 
@@ -54,10 +53,13 @@ impl ScramProvider for Sha1 { // TODO: look at all these unwraps
     }
 
     fn hmac(data: &[u8], key: &[u8]) -> Vec<u8> {
-        let pkey = PKey::hmac(key).unwrap();
-        let mut signer = Signer::new(MessageDigest::sha1(), &pkey).unwrap();
-        signer.update(data).unwrap();
-        signer.sign_to_vec().unwrap()
+        type HmacSha1 = Hmac<Sha1_hash>;
+        let mut mac = HmacSha1::new_varkey(key).unwrap();
+        mac.input(data);
+        let result = mac.result();
+        let mut vec = Vec::with_capacity(Sha1_hash::output_size());
+        vec.extend_from_slice(result.code().as_slice());
+        vec
     }
 
     fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, String> {
@@ -101,10 +103,13 @@ impl ScramProvider for Sha256 { // TODO: look at all these unwraps
     }
 
     fn hmac(data: &[u8], key: &[u8]) -> Vec<u8> {
-        let pkey = PKey::hmac(key).unwrap();
-        let mut signer = Signer::new(MessageDigest::sha256(), &pkey).unwrap();
-        signer.update(data).unwrap();
-        signer.sign_to_vec().unwrap()
+        type HmacSha256 = Hmac<Sha256_hash>;
+        let mut mac = HmacSha256::new_varkey(key).unwrap();
+        mac.input(data);
+        let result = mac.result();
+        let mut vec = Vec::with_capacity(Sha256_hash::output_size());
+        vec.extend_from_slice(result.code().as_slice());
+        vec
     }
 
     fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, String> {