Add a routine for truncated HMAC verification

crypto/hmac.h

Index: crypto/hmac.h
diff --git a/crypto/hmac.h b/crypto/hmac.h
index a8956ff52b959d0a27e8c52bc5674a91807f5a56..73d6dc3ddb215820010450ed5a5dca6f7936f24a 100644
--- a/crypto/hmac.h
+++ b/crypto/hmac.h
@@ -59,11 +59,16 @@ class CRYPTO_API HMAC {
   // supplied to the Init method. Use of this method is strongly recommended
   // over using Sign() with a manual comparison (such as memcmp), as such
   // comparisons may result in side-channel disclosures, such as timing, that
-  // undermine the cryptographic integrity. This method does not support
-  // comparing truncated HMACs.
+  // undermine the cryptographic integrity. |digest| must be exactly
+  // |DigestLength()| bytes long.
   bool Verify(const base::StringPiece& data,
               const base::StringPiece& digest) const;
 
+  // Verifies a truncated HMAC, behaving identical to Verify(), except
+  // that |digest| is allowed to be smaller than |DigestLength()|.
+  bool VerifyTruncated(const base::StringPiece& data,
+                       const base::StringPiece& digest) const;
+
  private:
   HashAlgorithm hash_alg_;
   scoped_ptr<HMACPlatformData> plat_;