OLD | NEW |
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 import 'dart:convert'; | 5 import 'dart:convert'; |
6 import 'dart:typed_data'; | 6 import 'dart:typed_data'; |
7 | 7 |
8 import 'package:typed_data/typed_data.dart'; | |
9 | |
10 import 'digest.dart'; | 8 import 'digest.dart'; |
11 import 'digest_sink.dart'; | 9 import 'digest_sink.dart'; |
12 import 'hash.dart'; | 10 import 'hash.dart'; |
13 | 11 |
14 /// An implementation of [keyed-hash method authentication codes][rfc]. | 12 /// An implementation of [keyed-hash method authentication codes][rfc]. |
15 /// | 13 /// |
16 /// [rfc]: https://tools.ietf.org/html/rfc2104 | 14 /// [rfc]: https://tools.ietf.org/html/rfc2104 |
17 /// | 15 /// |
18 /// HMAC allows messages to be cryptographically authenticated using any | 16 /// HMAC allows messages to be cryptographically authenticated using any |
19 /// iterated cryptographic hash function. | 17 /// iterated cryptographic hash function. |
(...skipping 24 matching lines...) Expand all Loading... |
44 var outerSink = startChunkedConversion(innerSink); | 42 var outerSink = startChunkedConversion(innerSink); |
45 outerSink.add(data); | 43 outerSink.add(data); |
46 outerSink.close(); | 44 outerSink.close(); |
47 return innerSink.value; | 45 return innerSink.value; |
48 } | 46 } |
49 | 47 |
50 ByteConversionSink startChunkedConversion(Sink<Digest> sink) => | 48 ByteConversionSink startChunkedConversion(Sink<Digest> sink) => |
51 new _HmacSink(sink, _hash, _key); | 49 new _HmacSink(sink, _hash, _key); |
52 } | 50 } |
53 | 51 |
54 /// This is deprecated. | |
55 /// | |
56 /// Use [Hmac] instead. | |
57 @Deprecated("Will be removed in crypto 1.0.0.") | |
58 class HMAC { | |
59 final Hmac _hmac; | |
60 | |
61 /// The sink for implementing the deprecated APIs that involved adding data | |
62 /// directly to the [HMAC] instance. | |
63 _HmacSink _sink; | |
64 | |
65 /// The sink that [_sink] sends the [Digest] to once it finishes hashing. | |
66 DigestSink _innerSink; | |
67 | |
68 /// The bytes from the message so far. | |
69 final _message = new Uint8Buffer(); | |
70 | |
71 /// Create an [HMAC] object from a [Hash] and a binary key. | |
72 /// | |
73 /// The key should be a secret shared between the sender and receiver of the | |
74 /// message. | |
75 HMAC(Hash hash, List<int> key) : _hmac = new Hmac(hash, key) { | |
76 _innerSink = new DigestSink(); | |
77 _sink = _hmac.startChunkedConversion(_innerSink); | |
78 } | |
79 | |
80 void add(List<int> data) { | |
81 _message.addAll(data); | |
82 _sink.add(data); | |
83 } | |
84 | |
85 List<int> close() { | |
86 _sink.close(); | |
87 return _innerSink.value.bytes; | |
88 } | |
89 | |
90 List<int> get digest { | |
91 if (_sink._isClosed) return _innerSink.value.bytes; | |
92 | |
93 // This may be called at any point while the message is being hashed, but | |
94 // the [_HmacSink] only supports getting the value once. To make this work, | |
95 // we just re-hash everything after we get the digest. It's redundant, but | |
96 // this API is deprecated anyway. | |
97 _sink.close(); | |
98 var bytes = _innerSink.value.bytes; | |
99 | |
100 _innerSink = new DigestSink(); | |
101 _sink = _hmac._hash.startChunkedConversion(_innerSink); | |
102 _sink.add(_message); | |
103 | |
104 return bytes; | |
105 } | |
106 | |
107 bool verify(List<int> digest) { | |
108 var computedDigest = this.digest; | |
109 if (digest.length != computedDigest.length) { | |
110 throw new ArgumentError( | |
111 'Invalid digest size: ${digest.length} in HMAC.verify. ' | |
112 'Expected: ${_hmac._hash.blockSize}.'); | |
113 } | |
114 | |
115 var result = 0; | |
116 for (var i = 0; i < digest.length; i++) { | |
117 result |= digest[i] ^ computedDigest[i]; | |
118 } | |
119 return result == 0; | |
120 } | |
121 } | |
122 | |
123 /// The concrete implementation of the HMAC algorithm. | 52 /// The concrete implementation of the HMAC algorithm. |
124 class _HmacSink extends ByteConversionSink { | 53 class _HmacSink extends ByteConversionSink { |
125 /// The sink for the outer hash computation. | 54 /// The sink for the outer hash computation. |
126 final ByteConversionSink _outerSink; | 55 final ByteConversionSink _outerSink; |
127 | 56 |
128 /// The sink that [_innerSink]'s result will be added to when it's available. | 57 /// The sink that [_innerSink]'s result will be added to when it's available. |
129 final _innerResultSink = new DigestSink(); | 58 final _innerResultSink = new DigestSink(); |
130 | 59 |
131 /// The sink for the inner hash computation. | 60 /// The sink for the inner hash computation. |
132 ByteConversionSink _innerSink; | 61 ByteConversionSink _innerSink; |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
164 | 93 |
165 void close() { | 94 void close() { |
166 if (_isClosed) return; | 95 if (_isClosed) return; |
167 _isClosed = true; | 96 _isClosed = true; |
168 | 97 |
169 _innerSink.close(); | 98 _innerSink.close(); |
170 _outerSink.add(_innerResultSink.value.bytes); | 99 _outerSink.add(_innerResultSink.value.bytes); |
171 _outerSink.close(); | 100 _outerSink.close(); |
172 } | 101 } |
173 } | 102 } |
OLD | NEW |