From f5beadcee4cc988f928e995c6ba7462dfd9beb5f Mon Sep 17 00:00:00 2001
From: ciaranj <ciaranj@gmail.com>
Date: Sun, 5 Dec 2010 22:32:19 +0000
Subject: [PATCH] If running on a node that has openssl built in, then this
 will be used for the SHA1 hashing.

Otherwise will fallback to the pure JS (original) SHA! implementation.
---
 Readme.md    |  2 +-
 lib/oauth.js | 10 +++++++---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/Readme.md b/Readme.md
index 30a9649..ca02a57 100644
--- a/Readme.md
+++ b/Readme.md
@@ -9,7 +9,7 @@ at connect-auth (http://github.com/ciaranj/connect-auth)
 
 Change History
 ==============
-* 0.8.4 - Fixed issue #14 (Parameter ordering ignored encodings).  Added support for repeated parameter names.
+* 0.8.4 - Fixed issue #14 (Parameter ordering ignored encodings).  Added support for repeated parameter names. Implements issue #15 (Use native SHA1 if available, 10x speed improvement!)
 * 0.8.3 - Fixed an issue where the auth header code depended on the Array's toString method (Yohei Sasaki) Updated the getOAuthRequestToken method so we can access google's OAuth secured methods. Also re-implemented and fleshed out the test suite.
 * 0.8.2 - The request returning methods will now write the POST body if provided (Chris Anderson), the code responsible for manipulating the headers is a bit safe now when working with other code (Paul McKellar) and tweaked the package.json to use index.js instead of main.js
 * 0.8.1 - Added mechanism to get hold of a signed Node Request object, ready for attaching response listeners etc. (Perfect for streaming APIs)
diff --git a/lib/oauth.js b/lib/oauth.js
index d258f52..427f526 100644
--- a/lib/oauth.js
+++ b/lib/oauth.js
@@ -165,10 +165,14 @@ exports.OAuth.prototype._createSignature= function(signatureBase, tokenSecret) {
      hash= this._encodeData(key);
    }
    else {
-     hash= sha1.HMACSHA1(key, signatureBase);
+       if( crypto.Hmac ) {
+         hash = crypto.createHmac("sha1", key).update(signatureBase).digest("base64");
+       }
+       else {
+         hash= sha1.HMACSHA1(key, signatureBase);  
+       }
    }
-
-   return hash;
+   return hash;    
 }
 exports.OAuth.prototype.NONCE_CHARS= ['a','b','c','d','e','f','g','h','i','j','k','l','m','n',
               'o','p','q','r','s','t','u','v','w','x','y','z','A','B',