diff options
author | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-18 00:39:44 +0000 |
---|---|---|
committer | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-18 00:39:44 +0000 |
commit | 3292f537c09512d8d99cdf8e11366fed419ca6a0 (patch) | |
tree | 99ada2742545367133e70ac212c174aeec7a042d /crypto/hmac.h | |
parent | 4baf12d415215ef335d9b19358eb1f36daf42e8a (diff) | |
download | chromium_src-3292f537c09512d8d99cdf8e11366fed419ca6a0.zip chromium_src-3292f537c09512d8d99cdf8e11366fed419ca6a0.tar.gz chromium_src-3292f537c09512d8d99cdf8e11366fed419ca6a0.tar.bz2 |
Add a Verify routine for HMAC
BUG=none
TEST=crypto_unittests
Review URL: http://codereview.chromium.org/7277024
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92824 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto/hmac.h')
-rw-r--r-- | crypto/hmac.h | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/crypto/hmac.h b/crypto/hmac.h index 9800276..a8956ff 100644 --- a/crypto/hmac.h +++ b/crypto/hmac.h @@ -54,7 +54,15 @@ class CRYPTO_API HMAC { bool Sign(const base::StringPiece& data, unsigned char* digest, int digest_length) const; - // TODO(albertb): Add a Verify method. + // Verifies that the HMAC for the message in |data| equals the HMAC provided + // in |digest|, using the algorithm supplied to the constructor and the key + // supplied to the Init method. Use of this method is strongly recommended + // over using Sign() with a manual comparison (such as memcmp), as such + // comparisons may result in side-channel disclosures, such as timing, that + // undermine the cryptographic integrity. This method does not support + // comparing truncated HMACs. + bool Verify(const base::StringPiece& data, + const base::StringPiece& digest) const; private: HashAlgorithm hash_alg_; |