Skip to content

Commit

Permalink
fix(deprecation): :crypto.hmac -> :crypto.mac, Bitwise.^^^ -> Bitwise…
Browse files Browse the repository at this point in the history
….bxor (#669)
  • Loading branch information
seantanly authored May 24, 2021
1 parent aeff78b commit e9c4474
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 3 deletions.
11 changes: 9 additions & 2 deletions lib/stripe/webhook.ex
Original file line number Diff line number Diff line change
Expand Up @@ -116,10 +116,17 @@ defmodule Stripe.Webhook do
end

defp compute_signature(payload, secret) do
:crypto.hmac(:sha256, secret, payload)
hmac(:sha256, secret, payload)
|> Base.encode16(case: :lower)
end

# TODO: remove when we require OTP 22
if System.otp_release() >= "22" do
defp hmac(digest, key, data), do: :crypto.mac(:hmac, digest, key, data)
else
defp hmac(digest, key, data), do: :crypto.hmac(digest, key, data)
end

defp secure_equals?(input, expected) when byte_size(input) == byte_size(expected) do
input = String.to_charlist(input)
expected = String.to_charlist(expected)
Expand All @@ -135,7 +142,7 @@ defmodule Stripe.Webhook do
import Bitwise

acc
|> bor(input_codepoint ^^^ expected_codepoint)
|> bor(bxor(input_codepoint, expected_codepoint))
|> secure_compare(input, expected)
end

Expand Down
9 changes: 8 additions & 1 deletion test/stripe/webhook_test.exs
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,17 @@ defmodule Stripe.WebhookTest do
@secret "secret"

defp generate_signature(timestamp, payload, secret \\ @secret) do
:crypto.hmac(:sha256, secret, "#{timestamp}.#{payload}")
hmac(:sha256, secret, "#{timestamp}.#{payload}")
|> Base.encode16(case: :lower)
end

# TODO: remove when we require OTP 22
if System.otp_release() >= "22" do
defp hmac(digest, key, data), do: :crypto.mac(:hmac, digest, key, data)
else
defp hmac(digest, key, data), do: :crypto.hmac(digest, key, data)
end

defp create_signature_header(timestamp, scheme, signature) do
"t=#{timestamp},#{scheme}=#{signature}"
end
Expand Down

0 comments on commit e9c4474

Please sign in to comment.