Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(763)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: lib/src/hmac.dart

Issue 1348983002: Update documentation comments. (Closed) Base URL: git@github.com:dart-lang/crypto.git@master
Patch Set: Code review changes Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « lib/src/hash_base.dart ('k') | lib/src/md5.dart » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
2 // for details. All rights reserved. Use of this source code is governed by a 2 // for details. All rights reserved. Use of this source code is governed by a
3 // BSD-style license that can be found in the LICENSE file. 3 // BSD-style license that can be found in the LICENSE file.
4 4
5 library crypto.hmac; 5 library crypto.hmac;
6 6
7 import 'hash.dart'; 7 import 'hash.dart';
8 8
9 /** 9 /// An implementation of [keyed-hash method authentication codes][rfc].
10 * Hash-based Message Authentication Code support. 10 ///
11 * 11 /// [rfc]: https://tools.ietf.org/html/rfc2104
12 * The [add] method is used to add data to the message. The [digest] and 12 ///
13 * [close] methods are used to extract the message authentication code. 13 /// HMAC allows messages to be cryptographically authenticated using any
14 */ 14 /// iterated cryptographic hash function.
15 // TODO(floitsch): make Hash implement Sink, EventSink or similar. 15 ///
16 /// The message's data is added using [add]. Once it's been fully added, the
17 /// [digest] and [close] methods can be used to extract the message
18 /// authentication digest.
19 ///
20 /// If an expected authentication digest is available, the [verify] method may
21 /// also be used to ensure that the message actually corresponds to that digest.
22 // TODO(floitsch): make HMAC implement Sink, EventSink or similar.
16 class HMAC { 23 class HMAC {
24 /// The bytes from the message so far.
17 final List<int> _message; 25 final List<int> _message;
26
27 /// The hash function used to compute the authentication digest.
18 Hash _hash; 28 Hash _hash;
29
30 /// The secret key shared by the sender and the receiver.
19 List<int> _key; 31 List<int> _key;
32
33 /// Whether this is closed.
20 bool _isClosed = false; 34 bool _isClosed = false;
21 35
22 /** 36 /// Create an [HMAC] object from a [Hash] and a binary key.
23 * Create an [HMAC] object from a [Hash] and a key. 37 ///
24 */ 38 /// The key should be a secret shared between the sender and receiver of the
39 /// message.
25 HMAC(Hash this._hash, List<int> this._key) : _message = []; 40 HMAC(Hash this._hash, List<int> this._key) : _message = [];
26 41
27 /** 42 /// Adds a list of bytes to the message.
28 * Add a list of bytes to the message. 43 ///
29 */ 44 /// If [this] has already been closed, throws a [StateError].
30 void add(List<int> data) { 45 void add(List<int> data) {
31 if (_isClosed) throw new StateError("HMAC is closed"); 46 if (_isClosed) throw new StateError("HMAC is closed");
32 _message.addAll(data); 47 _message.addAll(data);
33 } 48 }
34 49
35 /** 50 /// Returns the digest of the message so far, as a list of bytes.
36 * Extract the message digest as a list of bytes without closing [this].
37 */
38 List<int> get digest { 51 List<int> get digest {
39 var blockSize = _hash.blockSize; 52 var blockSize = _hash.blockSize;
40 53
41 // Hash the key if it is longer than the block size of the hash. 54 // Hash the key if it is longer than the block size of the hash.
42 if (_key.length > blockSize) { 55 if (_key.length > blockSize) {
43 _hash = _hash.newInstance(); 56 _hash = _hash.newInstance();
44 _hash.add(_key); 57 _hash.add(_key);
45 _key = _hash.close(); 58 _key = _hash.close();
46 } 59 }
47 60
(...skipping 24 matching lines...) Expand all
72 padding[i] = 0x5c ^ _key[i]; 85 padding[i] = 0x5c ^ _key[i];
73 } 86 }
74 87
75 // Outer hash computation which is the result. 88 // Outer hash computation which is the result.
76 _hash = _hash.newInstance(); 89 _hash = _hash.newInstance();
77 _hash.add(padding); 90 _hash.add(padding);
78 _hash.add(innerHash); 91 _hash.add(innerHash);
79 return _hash.close(); 92 return _hash.close();
80 } 93 }
81 94
82 /** 95 /// Closes [this] and returns the digest of the message as a list of bytes.
83 * Perform the actual computation and extract the message digest 96 ///
84 * as a list of bytes. 97 /// Once closed, [add] may no longer be called.
85 */
86 List<int> close() { 98 List<int> close() {
87 _isClosed = true; 99 _isClosed = true;
88 return digest; 100 return digest;
89 } 101 }
90 102
91 /** 103 /// Returns whether the digest computed for the data so far matches the given
92 * Verify that the HMAC computed for the data so far matches the 104 /// [digest].
93 * given message digest. 105 ///
94 * 106 /// This method should be used instead of iterative comparisons to avoid
95 * This method should be used instead of memcmp-style comparisons 107 /// leaking information via timing.
96 * to avoid leaking information via timing. 108 ///
97 * 109 /// Throws an [ArgumentError] if the given digest does not have the same size
98 * Throws an exception if the given digest does not have the same 110 /// as the digest computed by [this].
99 * size as the digest computed by this HMAC instance.
100 */
101 bool verify(List<int> digest) { 111 bool verify(List<int> digest) {
102 var computedDigest = this.digest; 112 var computedDigest = this.digest;
103 if (digest.length != computedDigest.length) { 113 if (digest.length != computedDigest.length) {
104 throw new ArgumentError( 114 throw new ArgumentError(
105 'Invalid digest size: ${digest.length} in HMAC.verify. ' 115 'Invalid digest size: ${digest.length} in HMAC.verify. '
106 'Expected: ${_hash.blockSize}.'); 116 'Expected: ${_hash.blockSize}.');
107 } 117 }
108 int result = 0; 118 int result = 0;
109 for (var i = 0; i < digest.length; i++) { 119 for (var i = 0; i < digest.length; i++) {
110 result |= digest[i] ^ computedDigest[i]; 120 result |= digest[i] ^ computedDigest[i];
111 } 121 }
112 return result == 0; 122 return result == 0;
113 } 123 }
114 } 124 }
OLDNEW
« no previous file with comments | « lib/src/hash_base.dart ('k') | lib/src/md5.dart » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698