• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "crypto/hmac.h"
6 
7 #include <CommonCrypto/CommonHMAC.h>
8 
9 #include "base/logging.h"
10 
11 namespace crypto {
12 
13 struct HMACPlatformData {
14   std::string key_;
15 };
16 
HMAC(HashAlgorithm hash_alg)17 HMAC::HMAC(HashAlgorithm hash_alg)
18     : hash_alg_(hash_alg), plat_(new HMACPlatformData()) {
19   // Only SHA-1 and SHA-256 hash algorithms are supported now.
20   DCHECK(hash_alg_ == SHA1 || hash_alg_ == SHA256);
21 }
22 
Init(const unsigned char * key,int key_length)23 bool HMAC::Init(const unsigned char *key, int key_length) {
24   if (!plat_->key_.empty()) {
25     // Init must not be called more than once on the same HMAC object.
26     NOTREACHED();
27     return false;
28   }
29 
30   plat_->key_.assign(reinterpret_cast<const char*>(key), key_length);
31 
32   return true;
33 }
34 
~HMAC()35 HMAC::~HMAC() {
36   // Zero out key copy.
37   plat_->key_.assign(plat_->key_.length(), std::string::value_type());
38   plat_->key_.clear();
39   plat_->key_.reserve(0);
40 }
41 
Sign(const std::string & data,unsigned char * digest,int digest_length)42 bool HMAC::Sign(const std::string& data,
43                 unsigned char* digest,
44                 int digest_length) {
45   CCHmacAlgorithm algorithm;
46   int algorithm_digest_length;
47   switch (hash_alg_) {
48     case SHA1:
49       algorithm = kCCHmacAlgSHA1;
50       algorithm_digest_length = CC_SHA1_DIGEST_LENGTH;
51       break;
52     case SHA256:
53       algorithm = kCCHmacAlgSHA256;
54       algorithm_digest_length = CC_SHA256_DIGEST_LENGTH;
55       break;
56     default:
57       NOTREACHED();
58       return false;
59   }
60 
61   if (digest_length < algorithm_digest_length) {
62     NOTREACHED();
63     return false;
64   }
65 
66   CCHmac(algorithm,
67          plat_->key_.data(), plat_->key_.length(), data.data(), data.length(),
68          digest);
69 
70   return true;
71 }
72 
73 }  // namespace crypto
74