121 lines
2.8 KiB
Perl
121 lines
2.8 KiB
Perl
|
package Digest::HMAC;
|
||
|
$VERSION = "1.03";
|
||
|
|
||
|
use strict;
|
||
|
|
||
|
# OO interface
|
||
|
|
||
|
sub new
|
||
|
{
|
||
|
my($class, $key, $hasher, $block_size) = @_;
|
||
|
$block_size ||= 64;
|
||
|
$key = $hasher->new->add($key)->digest if length($key) > $block_size;
|
||
|
|
||
|
my $self = bless {}, $class;
|
||
|
$self->{k_ipad} = $key ^ (chr(0x36) x $block_size);
|
||
|
$self->{k_opad} = $key ^ (chr(0x5c) x $block_size);
|
||
|
$self->{hasher} = $hasher->new->add($self->{k_ipad});
|
||
|
$self;
|
||
|
}
|
||
|
|
||
|
sub reset
|
||
|
{
|
||
|
my $self = shift;
|
||
|
$self->{hasher}->reset->add($self->{k_ipad});
|
||
|
$self;
|
||
|
}
|
||
|
|
||
|
sub add { my $self = shift; $self->{hasher}->add(@_); $self; }
|
||
|
sub addfile { my $self = shift; $self->{hasher}->addfile(@_); $self; }
|
||
|
|
||
|
sub _digest
|
||
|
{
|
||
|
my $self = shift;
|
||
|
my $inner_digest = $self->{hasher}->digest;
|
||
|
$self->{hasher}->reset->add($self->{k_opad}, $inner_digest);
|
||
|
}
|
||
|
|
||
|
sub digest { shift->_digest->digest; }
|
||
|
sub hexdigest { shift->_digest->hexdigest; }
|
||
|
sub b64digest { shift->_digest->b64digest; }
|
||
|
|
||
|
|
||
|
# Functional interface
|
||
|
|
||
|
require Exporter;
|
||
|
*import = \&Exporter::import;
|
||
|
use vars qw(@EXPORT_OK);
|
||
|
@EXPORT_OK = qw(hmac hmac_hex);
|
||
|
|
||
|
sub hmac
|
||
|
{
|
||
|
my($data, $key, $hash_func, $block_size) = @_;
|
||
|
$block_size ||= 64;
|
||
|
$key = &$hash_func($key) if length($key) > $block_size;
|
||
|
|
||
|
my $k_ipad = $key ^ (chr(0x36) x $block_size);
|
||
|
my $k_opad = $key ^ (chr(0x5c) x $block_size);
|
||
|
|
||
|
&$hash_func($k_opad, &$hash_func($k_ipad, $data));
|
||
|
}
|
||
|
|
||
|
sub hmac_hex { unpack("H*", &hmac); }
|
||
|
|
||
|
1;
|
||
|
|
||
|
__END__
|
||
|
|
||
|
=head1 NAME
|
||
|
|
||
|
Digest::HMAC - Keyed-Hashing for Message Authentication
|
||
|
|
||
|
=head1 SYNOPSIS
|
||
|
|
||
|
# Functional style
|
||
|
use Digest::HMAC qw(hmac hmac_hex);
|
||
|
$digest = hmac($data, $key, \&myhash);
|
||
|
print hmac_hex($data, $key, \&myhash);
|
||
|
|
||
|
# OO style
|
||
|
use Digest::HMAC;
|
||
|
$hmac = Digest::HMAC->new($key, "Digest::MyHash");
|
||
|
|
||
|
$hmac->add($data);
|
||
|
$hmac->addfile(*FILE);
|
||
|
|
||
|
$digest = $hmac->digest;
|
||
|
$digest = $hmac->hexdigest;
|
||
|
$digest = $hmac->b64digest;
|
||
|
|
||
|
=head1 DESCRIPTION
|
||
|
|
||
|
HMAC is used for message integrity checks between two parties that
|
||
|
share a secret key, and works in combination with some other Digest
|
||
|
algorithm, usually MD5 or SHA-1. The HMAC mechanism is described in
|
||
|
RFC 2104.
|
||
|
|
||
|
HMAC follow the common C<Digest::> interface, but the constructor
|
||
|
takes the secret key and the name of some other simple C<Digest::>
|
||
|
as argument.
|
||
|
|
||
|
The hmac() and hmac_hex() functions and the Digest::HMAC->new() constructor
|
||
|
takes an optional $blocksize argument as well. The HMAC algorithm assumes the
|
||
|
digester to hash by iterating a basic compression function on blocks of data
|
||
|
and the $blocksize should match the byte-length of such blocks.
|
||
|
|
||
|
The default $blocksize is 64 which is suitable for the MD5 and SHA-1 digest
|
||
|
functions. For stronger algorithms the blocksize probably needs to be
|
||
|
increased.
|
||
|
|
||
|
=head1 SEE ALSO
|
||
|
|
||
|
L<Digest::HMAC_MD5>, L<Digest::HMAC_SHA1>
|
||
|
|
||
|
RFC 2104
|
||
|
|
||
|
=head1 AUTHORS
|
||
|
|
||
|
Graham Barr <gbarr@ti.com>, Gisle Aas <gisle@aas.no>
|
||
|
|
||
|
=cut
|