crypto/hmac.h - Issue 7277024: Add a Verify routine for HMAC - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(186)

My Issues | Starred Open | Closed | All

Unified Diff: crypto/hmac.h

Issue 7277024: Add a Verify routine for HMAC (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 9 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « no previous file | crypto/hmac.cc » ('j') | crypto/hmac.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: crypto/hmac.h

diff --git a/crypto/hmac.h b/crypto/hmac.h

index 98002761e0a26d695d70ddac4de22e9c28e5bb95..a8956ff52b959d0a27e8c52bc5674a91807f5a56 100644

--- a/crypto/hmac.h

+++ b/crypto/hmac.h

@@ -54,7 +54,15 @@ class CRYPTO_API HMAC {

bool Sign(const base::StringPiece& data, unsigned char* digest,

int digest_length) const;

- // TODO(albertb): Add a Verify method.

+ // Verifies that the HMAC for the message in |data| equals the HMAC provided

+ // in |digest|, using the algorithm supplied to the constructor and the key

+ // supplied to the Init method. Use of this method is strongly recommended

+ // over using Sign() with a manual comparison (such as memcmp), as such

+ // comparisons may result in side-channel disclosures, such as timing, that

+ // undermine the cryptographic integrity. This method does not support

+ // comparing truncated HMACs.

+ bool Verify(const base::StringPiece& data,

+ const base::StringPiece& digest) const;

private:

HashAlgorithm hash_alg_;

« no previous file with comments | « no previous file | crypto/hmac.cc » ('j') | crypto/hmac.cc » ('J')

Powered by Google App Engine

This is Rietveld 408576698