Class: Phylax::HMAC

Inherits:

Object

• Object
• Phylax::HMAC

Defined in:

lib/phylax.rb,
ext/phylax/phylax.c

Overview

Streaming keyed MAC (HMAC-SHA-256/384/512).

m = Phylax::HMAC.new(:sha256, key)
m << "part one" << "part two"
m.hexdigest

Instance Attribute Summary

• #name ⇒ Object readonly

  Returns the value of attribute name.

Class Method Summary

• .verify(name, key, data, expected_tag) ⇒ Object

  Compute the MAC of data under key and compare it to expected_tag in constant time.

Instance Method Summary

• #<<(data) ⇒ Object
• #_init(vidx, key) ⇒ Object
• #digest ⇒ Object
• #digest_length ⇒ Object
• #hexdigest ⇒ Object
• #initialize(name, key) ⇒ HMAC constructor

  A new instance of HMAC.

• #inspect ⇒ Object
• #reset ⇒ Object

  #reset — re-create the MAC object with the retained key.

• #size ⇒ Object (also: #length)
• #update(data) ⇒ Object

Constructor Details

#initialize(name, key) ⇒ HMAC

Returns a new instance of HMAC.

# File 'lib/phylax.rb', line 166

def initialize(name, key)
  idx = HASHES.fetch(name) { raise ArgumentError, "unknown hash #{name.inspect}" }
  @name = name
  _init(idx, key)
end

Instance Attribute Details

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/phylax.rb', line 164

def name
  @name
end

Class Method Details

.verify(name, key, data, expected_tag) ⇒ Object

Compute the MAC of data under key and compare it to expected_tag in constant time. Returns true/false and never raises on mismatch — the safe way to verify a MAC.

# File 'lib/phylax.rb', line 188

def self.verify(name, key, data, expected_tag)
  tag = new(name, key).update(data).digest
  Phylax.secure_compare(tag, expected_tag)
end

Instance Method Details

#<<(data) ⇒ Object

# File 'lib/phylax.rb', line 172

def <<(data)
  update(data)
end

#_init(vidx, key) ⇒ Object

# File 'ext/phylax/phylax.c', line 553

static VALUE
hmac_init(VALUE self, VALUE vidx, VALUE key)
{
    hmac_t *m = hmac_get(self);
    int i = alg_index(vidx);
    PUCHAR pkey;
    ULONG nkey;
    NTSTATUS st;

    nkey = str_bytes(&key, &pkey);

    if (m->h) { BCryptDestroyHash(m->h); m->h = NULL; }
    if (m->key) { SecureZeroMemory(m->key, m->keylen); free(m->key); m->key = NULL; m->keylen = 0; }

    /* Retain a private copy of the key so #reset can re-key without the caller. */
    m->key = (unsigned char *)malloc(nkey ? nkey : 1);
    if (!m->key) rb_raise(rb_eNoMemError, "phylax: out of memory");
    memcpy(m->key, pkey, nkey);
    m->keylen = nkey;

    st = BCryptCreateHash(g_hmac[i], &m->h, NULL, 0, m->key, nkey, 0);
    if (!NT_SUCCESS(st)) {
        SecureZeroMemory(m->key, m->keylen); free(m->key); m->key = NULL; m->keylen = 0;
        raise_nt("BCryptCreateHash(HMAC)", st);
    }
    m->idx = i;
    return self;
}

#digest ⇒ Object

# File 'ext/phylax/phylax.c', line 598

static VALUE
hmac_digest(VALUE self)
{
    hmac_t *m = hmac_get(self);
    BCRYPT_HASH_HANDLE dup = NULL;
    PUCHAR obj;
    ULONG objlen;
    NTSTATUS st;
    VALUE out;

    if (!m->h) rb_raise(eError, "phylax: hmac not initialized");

    /* Allocate the Ruby output first so the malloc below is the last resource
     * acquired; an rb_str_new (OOM) raise then leaks nothing. */
    out = rb_str_new(NULL, g_dlen[m->idx]);
    rb_enc_associate(out, rb_ascii8bit_encoding());

    objlen = g_objlen_hmac[m->idx];
    obj = (PUCHAR)malloc(objlen ? objlen : 1);
    if (!obj) rb_raise(rb_eNoMemError, "phylax: out of memory");

    st = BCryptDuplicateHash(m->h, &dup, obj, objlen, 0);
    if (NT_SUCCESS(st))
        st = BCryptFinishHash(dup, (PUCHAR)RSTRING_PTR(out), g_dlen[m->idx], 0);
    if (dup) BCryptDestroyHash(dup);
    free(obj);
    if (!NT_SUCCESS(st))
        raise_nt("BCryptDuplicateHash(HMAC)", st);

    return out;
}

#digest_length ⇒ Object

# File 'ext/phylax/phylax.c', line 647

static VALUE
hmac_size(VALUE self)
{
    hmac_t *m = hmac_get(self);
    if (m->idx < 0) rb_raise(eError, "phylax: hmac not initialized");
    return UINT2NUM(g_dlen[m->idx]);
}

#hexdigest ⇒ Object

# File 'lib/phylax.rb', line 176

def hexdigest
  digest.unpack1("H*")
end

#inspect ⇒ Object

# File 'lib/phylax.rb', line 193

def inspect
  "#<Phylax::HMAC #{@name}>"
end

#reset ⇒ Object

#reset — re-create the MAC object with the retained key.

# File 'ext/phylax/phylax.c', line 631

static VALUE
hmac_reset(VALUE self)
{
    hmac_t *m = hmac_get(self);
    BCRYPT_HASH_HANDLE nh = NULL;
    NTSTATUS st;

    if (m->idx < 0) rb_raise(eError, "phylax: hmac not initialized");
    st = BCryptCreateHash(g_hmac[m->idx], &nh, NULL, 0, m->key, m->keylen, 0);
    if (!NT_SUCCESS(st))
        raise_nt("BCryptCreateHash(HMAC)", st);
    if (m->h) BCryptDestroyHash(m->h);
    m->h = nh;
    return self;
}

#size ⇒ Object Also known as: length

# File 'lib/phylax.rb', line 180

def size
  digest_length
end

#update(data) ⇒ Object

# File 'ext/phylax/phylax.c', line 582

static VALUE
hmac_update(VALUE self, VALUE data)
{
    hmac_t *m = hmac_get(self);
    PUCHAR pin;
    ULONG nin;
    NTSTATUS st;

    if (!m->h) rb_raise(eError, "phylax: hmac not initialized");
    nin = str_bytes(&data, &pin);
    st = BCryptHashData(m->h, pin, nin, 0);
    if (!NT_SUCCESS(st))
        raise_nt("BCryptHashData", st);
    return self;
}