Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(684)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: crypto/hmac.cc

Issue 7532020: Add a routine for truncated HMAC verification (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: . Created 9 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « crypto/hmac.h ('k') | crypto/hmac_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "crypto/hmac.h" 5 #include "crypto/hmac.h"
6 6
7 #include <algorithm>
8
7 #include "base/logging.h" 9 #include "base/logging.h"
8 10
9 namespace crypto { 11 namespace crypto {
10 12
11 // Performs a constant-time comparison of two strings, returning true if the 13 // Performs a constant-time comparison of two strings, returning true if the
12 // strings are equal. 14 // strings are equal.
13 // 15 //
14 // For cryptographic operations, comparison functions such as memcmp() may 16 // For cryptographic operations, comparison functions such as memcmp() may
15 // expose side-channel information about input, allowing an attacker to 17 // expose side-channel information about input, allowing an attacker to
16 // perform timing analysis to determine what the expected bits should be. In 18 // perform timing analysis to determine what the expected bits should be. In
(...skipping 19 matching lines...) Expand all
36 default: 38 default:
37 NOTREACHED(); 39 NOTREACHED();
38 return 0; 40 return 0;
39 } 41 }
40 } 42 }
41 43
42 bool HMAC::Verify(const base::StringPiece& data, 44 bool HMAC::Verify(const base::StringPiece& data,
43 const base::StringPiece& digest) const { 45 const base::StringPiece& digest) const {
44 if (digest.size() != DigestLength()) 46 if (digest.size() != DigestLength())
45 return false; 47 return false;
48 return VerifyTruncated(data, digest);
49 }
50
51 bool HMAC::VerifyTruncated(const base::StringPiece& data,
52 const base::StringPiece& digest) const {
53 if (digest.empty())
54 return false;
55 size_t digest_length = DigestLength();
46 scoped_array<unsigned char> computed_digest( 56 scoped_array<unsigned char> computed_digest(
47 new unsigned char[digest.size()]); 57 new unsigned char[digest_length]);
48 if (!Sign(data, computed_digest.get(), static_cast<int>(digest.size()))) 58 if (!Sign(data, computed_digest.get(), static_cast<int>(digest_length)))
49 return false; 59 return false;
50 60
51 return SecureMemcmp(digest.data(), computed_digest.get(), digest.size()); 61 return SecureMemcmp(digest.data(), computed_digest.get(),
62 std::min(digest.size(), digest_length));
52 } 63 }
53 64
54 } // namespace crypto 65 } // namespace crypto
OLDNEW
« no previous file with comments | « crypto/hmac.h ('k') | crypto/hmac_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698