Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(652)

Side by Side Diff: crypto/hmac.h

Issue 11419270: Use size_t as the type of key_length and digest_length arguments of HMAC. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Remove the DCHECK on a digest_length of 0 from hmac_openssl.cc Created 8 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/nacl/nacl_validation_query.cc ('k') | crypto/hmac.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Utility class for calculating the HMAC for a given message. We currently 5 // Utility class for calculating the HMAC for a given message. We currently
6 // only support SHA1 for the hash algorithm, but this can be extended easily. 6 // only support SHA1 for the hash algorithm, but this can be extended easily.
7 7
8 #ifndef CRYPTO_HMAC_H_ 8 #ifndef CRYPTO_HMAC_H_
9 #define CRYPTO_HMAC_H_ 9 #define CRYPTO_HMAC_H_
10 10
(...skipping 20 matching lines...) Expand all
31 explicit HMAC(HashAlgorithm hash_alg); 31 explicit HMAC(HashAlgorithm hash_alg);
32 ~HMAC(); 32 ~HMAC();
33 33
34 // Returns the length of digest that this HMAC will create. 34 // Returns the length of digest that this HMAC will create.
35 size_t DigestLength() const; 35 size_t DigestLength() const;
36 36
37 // TODO(abarth): Add a PreferredKeyLength() member function. 37 // TODO(abarth): Add a PreferredKeyLength() member function.
38 38
39 // Initializes this instance using |key| of the length |key_length|. Call Init 39 // Initializes this instance using |key| of the length |key_length|. Call Init
40 // only once. It returns false on the second or later calls. 40 // only once. It returns false on the second or later calls.
41 // TODO(abarth): key_length should be a size_t.
42 // 41 //
43 // NOTE: the US Federal crypto standard FIPS 198, Section 3 says: 42 // NOTE: the US Federal crypto standard FIPS 198, Section 3 says:
44 // The size of the key, K, shall be equal to or greater than L/2, where L 43 // The size of the key, K, shall be equal to or greater than L/2, where L
45 // is the size of the hash function output. 44 // is the size of the hash function output.
46 // In FIPS 198-1 (and SP-800-107, which describes key size recommendations), 45 // In FIPS 198-1 (and SP-800-107, which describes key size recommendations),
47 // this requirement is gone. But a system crypto library may still enforce 46 // this requirement is gone. But a system crypto library may still enforce
48 // this old requirement. If the key is shorter than this recommended value, 47 // this old requirement. If the key is shorter than this recommended value,
49 // Init() may fail. 48 // Init() may fail.
50 bool Init(const unsigned char* key, int key_length) WARN_UNUSED_RESULT; 49 bool Init(const unsigned char* key, size_t key_length) WARN_UNUSED_RESULT;
51 50
52 // Initializes this instance using |key|. Call Init 51 // Initializes this instance using |key|. Call Init
53 // only once. It returns false on the second or later calls. 52 // only once. It returns false on the second or later calls.
54 bool Init(SymmetricKey* key) WARN_UNUSED_RESULT; 53 bool Init(SymmetricKey* key) WARN_UNUSED_RESULT;
55 54
56 // Initializes this instance using |key|. Call Init only once. It returns 55 // Initializes this instance using |key|. Call Init only once. It returns
57 // false on the second or later calls. 56 // false on the second or later calls.
58 bool Init(const base::StringPiece& key) WARN_UNUSED_RESULT { 57 bool Init(const base::StringPiece& key) WARN_UNUSED_RESULT {
59 return Init(reinterpret_cast<const unsigned char*>(key.data()), 58 return Init(reinterpret_cast<const unsigned char*>(key.data()),
60 static_cast<int>(key.size())); 59 key.size());
61 } 60 }
62 61
63 // Calculates the HMAC for the message in |data| using the algorithm supplied 62 // Calculates the HMAC for the message in |data| using the algorithm supplied
64 // to the constructor and the key supplied to the Init method. The HMAC is 63 // to the constructor and the key supplied to the Init method. The HMAC is
65 // returned in |digest|, which has |digest_length| bytes of storage available. 64 // returned in |digest|, which has |digest_length| bytes of storage available.
66 // TODO(abarth): digest_length should be a size_t.
67 bool Sign(const base::StringPiece& data, unsigned char* digest, 65 bool Sign(const base::StringPiece& data, unsigned char* digest,
68 int digest_length) const WARN_UNUSED_RESULT; 66 size_t digest_length) const WARN_UNUSED_RESULT;
69 67
70 // Verifies that the HMAC for the message in |data| equals the HMAC provided 68 // Verifies that the HMAC for the message in |data| equals the HMAC provided
71 // in |digest|, using the algorithm supplied to the constructor and the key 69 // in |digest|, using the algorithm supplied to the constructor and the key
72 // supplied to the Init method. Use of this method is strongly recommended 70 // supplied to the Init method. Use of this method is strongly recommended
73 // over using Sign() with a manual comparison (such as memcmp), as such 71 // over using Sign() with a manual comparison (such as memcmp), as such
74 // comparisons may result in side-channel disclosures, such as timing, that 72 // comparisons may result in side-channel disclosures, such as timing, that
75 // undermine the cryptographic integrity. |digest| must be exactly 73 // undermine the cryptographic integrity. |digest| must be exactly
76 // |DigestLength()| bytes long. 74 // |DigestLength()| bytes long.
77 bool Verify(const base::StringPiece& data, 75 bool Verify(const base::StringPiece& data,
78 const base::StringPiece& digest) const WARN_UNUSED_RESULT; 76 const base::StringPiece& digest) const WARN_UNUSED_RESULT;
79 77
80 // Verifies a truncated HMAC, behaving identical to Verify(), except 78 // Verifies a truncated HMAC, behaving identical to Verify(), except
81 // that |digest| is allowed to be smaller than |DigestLength()|. 79 // that |digest| is allowed to be smaller than |DigestLength()|.
82 bool VerifyTruncated( 80 bool VerifyTruncated(
83 const base::StringPiece& data, 81 const base::StringPiece& data,
84 const base::StringPiece& digest) const WARN_UNUSED_RESULT; 82 const base::StringPiece& digest) const WARN_UNUSED_RESULT;
85 83
86 private: 84 private:
87 HashAlgorithm hash_alg_; 85 HashAlgorithm hash_alg_;
88 scoped_ptr<HMACPlatformData> plat_; 86 scoped_ptr<HMACPlatformData> plat_;
89 87
90 DISALLOW_COPY_AND_ASSIGN(HMAC); 88 DISALLOW_COPY_AND_ASSIGN(HMAC);
91 }; 89 };
92 90
93 } // namespace crypto 91 } // namespace crypto
94 92
95 #endif // CRYPTO_HMAC_H_ 93 #endif // CRYPTO_HMAC_H_
OLDNEW
« no previous file with comments | « chrome/nacl/nacl_validation_query.cc ('k') | crypto/hmac.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698