| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Utility class for calculating the HMAC for a given message. We currently | 5 // Utility class for calculating the HMAC for a given message. We currently |
| 6 // only support SHA1 for the hash algorithm, but this can be extended easily. | 6 // only support SHA1 for the hash algorithm, but this can be extended easily. |
| 7 | 7 |
| 8 #ifndef CRYPTO_HMAC_H_ | 8 #ifndef CRYPTO_HMAC_H_ |
| 9 #define CRYPTO_HMAC_H_ | 9 #define CRYPTO_HMAC_H_ |
| 10 #pragma once | 10 #pragma once |
| (...skipping 22 matching lines...) Expand all Loading... |
| 33 ~HMAC(); | 33 ~HMAC(); |
| 34 | 34 |
| 35 // Returns the length of digest that this HMAC will create. | 35 // Returns the length of digest that this HMAC will create. |
| 36 size_t DigestLength() const; | 36 size_t DigestLength() const; |
| 37 | 37 |
| 38 // TODO(abarth): Add a PreferredKeyLength() member function. | 38 // TODO(abarth): Add a PreferredKeyLength() member function. |
| 39 | 39 |
| 40 // Initializes this instance using |key| of the length |key_length|. Call Init | 40 // Initializes this instance using |key| of the length |key_length|. Call Init |
| 41 // only once. It returns false on the second or later calls. | 41 // only once. It returns false on the second or later calls. |
| 42 // TODO(abarth): key_length should be a size_t. | 42 // TODO(abarth): key_length should be a size_t. |
| 43 // |
| 44 // NOTE: the US Federal crypto standard FIPS 198, Section 3 says: |
| 45 // The size of the key, K, shall be equal to or greater than L/2, where L |
| 46 // is the size of the hash function output. |
| 47 // In FIPS 198-1 (and SP-800-107, which describes key size recommendations), |
| 48 // this requirement is gone. But a system crypto library may still enforce |
| 49 // this old requirement. If the key is shorter than this recommended value, |
| 50 // Init() may fail. |
| 43 bool Init(const unsigned char* key, int key_length) WARN_UNUSED_RESULT; | 51 bool Init(const unsigned char* key, int key_length) WARN_UNUSED_RESULT; |
| 44 | 52 |
| 45 // Initializes this instance using |key|. Call Init | 53 // Initializes this instance using |key|. Call Init |
| 46 // only once. It returns false on the second or later calls. | 54 // only once. It returns false on the second or later calls. |
| 47 bool Init(SymmetricKey* key) WARN_UNUSED_RESULT; | 55 bool Init(SymmetricKey* key) WARN_UNUSED_RESULT; |
| 48 | 56 |
| 49 // Initializes this instance using |key|. Call Init only once. It returns | 57 // Initializes this instance using |key|. Call Init only once. It returns |
| 50 // false on the second or later calls. | 58 // false on the second or later calls. |
| 51 bool Init(const base::StringPiece& key) WARN_UNUSED_RESULT { | 59 bool Init(const base::StringPiece& key) WARN_UNUSED_RESULT { |
| 52 return Init(reinterpret_cast<const unsigned char*>(key.data()), | 60 return Init(reinterpret_cast<const unsigned char*>(key.data()), |
| (...skipping 26 matching lines...) Expand all Loading... |
| 79 private: | 87 private: |
| 80 HashAlgorithm hash_alg_; | 88 HashAlgorithm hash_alg_; |
| 81 scoped_ptr<HMACPlatformData> plat_; | 89 scoped_ptr<HMACPlatformData> plat_; |
| 82 | 90 |
| 83 DISALLOW_COPY_AND_ASSIGN(HMAC); | 91 DISALLOW_COPY_AND_ASSIGN(HMAC); |
| 84 }; | 92 }; |
| 85 | 93 |
| 86 } // namespace crypto | 94 } // namespace crypto |
| 87 | 95 |
| 88 #endif // CRYPTO_HMAC_H_ | 96 #endif // CRYPTO_HMAC_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9695058:
Don't enforce the old HMAC key size requirement in FIPS 198 Sec. 3. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/