mirror of https://github.com/aria2/aria2
Consistent style in util_security
Nils Maier
parent
77f0f1395c
commit
c8ccb43428
|
|
@ -68,7 +68,8 @@ static inline size_t getBlockSize(const std::string& algorithm)
|
|||
}
|
||||
|
||||
err:
|
||||
throw FATAL_EXCEPTION(fmt("HMAC does not support algorithm %s", algorithm.c_str()));
|
||||
throw FATAL_EXCEPTION(
|
||||
fmt("HMAC does not support algorithm %s", algorithm.c_str()));
|
||||
}
|
||||
|
||||
} // namespace
|
||||
|
|
@ -86,7 +87,7 @@ bool compare(const unsigned char a, const unsigned char b)
|
|||
return rv;
|
||||
}
|
||||
|
||||
bool compare(const uint8_t *a, const uint8_t *b, size_t length)
|
||||
bool compare(const uint8_t* a, const uint8_t* b, size_t length)
|
||||
{
|
||||
unsigned char rv = 0;
|
||||
for (size_t i = 0; i < length; ++i) {
|
||||
|
|
@ -96,7 +97,8 @@ bool compare(const uint8_t *a, const uint8_t *b, size_t length)
|
|||
}
|
||||
|
||||
HMAC::HMAC(const std::string& algorithm, const char* secret, size_t length)
|
||||
: blockSize_(getBlockSize(algorithm)), md_(MessageDigest::create(algorithm)),
|
||||
: blockSize_(getBlockSize(algorithm)),
|
||||
md_(MessageDigest::create(algorithm)),
|
||||
clean_(false)
|
||||
{
|
||||
ipad_.assign(blockSize_, 0x36);
|
||||
|
|
@ -107,14 +109,14 @@ HMAC::HMAC(const std::string& algorithm, const char* secret, size_t length)
|
|||
md_->update(secret, length);
|
||||
auto hash = md_->digest();
|
||||
for (size_t i = 0uL, e = hash.length(); i < e; ++i) {
|
||||
ipad_.replace(i, 1, 1, hash[i] ^ 0x36);
|
||||
opad_.replace(i, 1, 1, hash[i] ^ 0x5c);
|
||||
ipad_.replace(i, 1, 1, hash[i] ^ 0x36);
|
||||
opad_.replace(i, 1, 1, hash[i] ^ 0x5c);
|
||||
}
|
||||
}
|
||||
else {
|
||||
for (size_t i = 0uL, e = length; i < e; ++i) {
|
||||
ipad_.replace(i, 1, 1, secret[i] ^ 0x36);
|
||||
opad_.replace(i, 1, 1, secret[i] ^ 0x5c);
|
||||
ipad_.replace(i, 1, 1, secret[i] ^ 0x36);
|
||||
opad_.replace(i, 1, 1, secret[i] ^ 0x5c);
|
||||
}
|
||||
}
|
||||
reset();
|
||||
|
|
@ -131,17 +133,21 @@ std::unique_ptr<HMAC> HMAC::createRandom(const std::string& algorithm)
|
|||
return create(algorithm, buf.get(), len);
|
||||
}
|
||||
|
||||
bool HMAC::supports(const std::string& algorithm) {
|
||||
bool HMAC::supports(const std::string& algorithm)
|
||||
{
|
||||
if (!MessageDigest::supports(algorithm)) {
|
||||
return false;
|
||||
}
|
||||
const auto canon = MessageDigest::getCanonicalHashType(algorithm);
|
||||
return canon == "sha-1" || canon == "sha-224" || canon == "sha-256" ||
|
||||
canon == "sha-384" || canon == "sha-512";
|
||||
canon == "sha-384" || canon == "sha-512";
|
||||
}
|
||||
|
||||
HMACResult PBKDF2(HMAC* hmac, const char* salt, size_t salt_length,
|
||||
size_t iterations, size_t key_length)
|
||||
HMACResult PBKDF2(HMAC* hmac,
|
||||
const char* salt,
|
||||
size_t salt_length,
|
||||
size_t iterations,
|
||||
size_t key_length)
|
||||
{
|
||||
if (!hmac) {
|
||||
throw FATAL_EXCEPTION("hmac cannot be null");
|
||||
|
|
@ -150,7 +156,8 @@ HMACResult PBKDF2(HMAC* hmac, const char* salt, size_t salt_length,
|
|||
if (key_length == 0) {
|
||||
key_length = hmac_length;
|
||||
}
|
||||
typedef union {
|
||||
typedef union
|
||||
{
|
||||
uint8_t bytes[4];
|
||||
uint32_t count;
|
||||
} counter_t;
|
||||
|
|
|
|||
|
|
@ -64,14 +64,12 @@ bool compare(const uint8_t a, const uint8_t b);
|
|||
* @param b Second byte array.
|
||||
* @return True, if both match, false otherwise.
|
||||
*/
|
||||
bool compare(const uint8_t *a, const uint8_t *b, size_t length);
|
||||
inline bool compare(const char *a, const char *b, size_t length)
|
||||
bool compare(const uint8_t* a, const uint8_t* b, size_t length);
|
||||
inline bool compare(const char* a, const char* b, size_t length)
|
||||
{
|
||||
return compare(
|
||||
reinterpret_cast<const uint8_t*>(a),
|
||||
reinterpret_cast<const uint8_t*>(b),
|
||||
length * sizeof(char)
|
||||
);
|
||||
return compare(reinterpret_cast<const uint8_t*>(a),
|
||||
reinterpret_cast<const uint8_t*>(b),
|
||||
length * sizeof(char));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -81,27 +79,27 @@ inline bool compare(const char *a, const char *b, size_t length)
|
|||
* length, helping to prevent logic errors either during development, or
|
||||
* triggering in the wild. Therefore |.getBytes()| use should be avoided.
|
||||
*/
|
||||
class HMACResult {
|
||||
class HMACResult
|
||||
{
|
||||
public:
|
||||
HMACResult(const std::string& result)
|
||||
: result_(result), len_(result.length())
|
||||
HMACResult(const std::string& result) : result_(result), len_(result.length())
|
||||
{}
|
||||
|
||||
HMACResult(const char* result, size_t length)
|
||||
: result_(result, length), len_(length)
|
||||
{}
|
||||
|
||||
HMACResult(const HMACResult& other) :
|
||||
result_(other.result_), len_(other.len_)
|
||||
HMACResult(const HMACResult& other) : result_(other.result_), len_(other.len_)
|
||||
{}
|
||||
|
||||
HMACResult& operator=(const HMACResult& other) {
|
||||
HMACResult& operator=(const HMACResult& other)
|
||||
{
|
||||
result_ = other.result_;
|
||||
len_ = other.len_;
|
||||
return *this;
|
||||
}
|
||||
|
||||
bool operator == (const HMACResult& other) const
|
||||
bool operator==(const HMACResult& other) const
|
||||
{
|
||||
if (len_ != other.len_) {
|
||||
throw std::domain_error("comparing different hmac is undefined");
|
||||
|
|
@ -109,7 +107,7 @@ public:
|
|||
return compare(result_.data(), other.result_.data(), len_);
|
||||
}
|
||||
|
||||
bool operator != (const HMACResult& other) const
|
||||
bool operator!=(const HMACResult& other) const
|
||||
{
|
||||
return !(*this == other);
|
||||
}
|
||||
|
|
@ -134,7 +132,8 @@ private:
|
|||
* algorithms that MessageDigest supports, but at most the SHA-1, SHA-2
|
||||
* algorithms as specified in the RFC.
|
||||
*/
|
||||
class HMAC {
|
||||
class HMAC
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Constructs a new HMAC. It is recommended to use the |create| or
|
||||
|
|
@ -148,8 +147,8 @@ public:
|
|||
/**
|
||||
* Creates a new instance using the specified algorithm and secret.
|
||||
*/
|
||||
static std::unique_ptr<HMAC> create(
|
||||
const std::string& algorithm, const std::string& secret)
|
||||
static std::unique_ptr<HMAC> create(const std::string& algorithm,
|
||||
const std::string& secret)
|
||||
{
|
||||
return create(algorithm, secret.data(), secret.length());
|
||||
}
|
||||
|
|
@ -157,8 +156,8 @@ public:
|
|||
/**
|
||||
* Creates a new instance using the specified algorithm and secret.
|
||||
*/
|
||||
static std::unique_ptr<HMAC> create(
|
||||
const std::string& algorithm, const char* secret, size_t length)
|
||||
static std::unique_ptr<HMAC>
|
||||
create(const std::string& algorithm, const char* secret, size_t length)
|
||||
{
|
||||
if (!supports(algorithm)) {
|
||||
return nullptr;
|
||||
|
|
@ -292,8 +291,11 @@ private:
|
|||
* Example:
|
||||
* result = PBKDF2(HMAC::create("password"), random_salt, salt_len, 1000);
|
||||
*/
|
||||
HMACResult PBKDF2(HMAC* hmac, const char* salt, size_t salt_length,
|
||||
size_t iterations, size_t key_length = 0);
|
||||
HMACResult PBKDF2(HMAC* hmac,
|
||||
const char* salt,
|
||||
size_t salt_length,
|
||||
size_t iterations,
|
||||
size_t key_length = 0);
|
||||
|
||||
/**
|
||||
* Create A PKBDF2-HMAC. See RFC 2898.
|
||||
|
|
@ -301,8 +303,10 @@ HMACResult PBKDF2(HMAC* hmac, const char* salt, size_t salt_length,
|
|||
* Example:
|
||||
* result = PBKDF2(HMAC::create("password"), random_salt, 1000);
|
||||
*/
|
||||
inline HMACResult PBKDF2(HMAC* hmac, const std::string& salt, size_t iterations,
|
||||
size_t key_length = 0)
|
||||
inline HMACResult PBKDF2(HMAC* hmac,
|
||||
const std::string& salt,
|
||||
size_t iterations,
|
||||
size_t key_length = 0)
|
||||
{
|
||||
return PBKDF2(hmac, salt.data(), salt.length(), iterations, key_length);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue