mirror of
https://github.com/OMGeeky/google-apis-rs.git
synced 2026-02-23 15:49:49 +01:00
99 lines
16 KiB
HTML
99 lines
16 KiB
HTML
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="API documentation for the Rust `hmac` mod in crate `ring`."><meta name="keywords" content="rust, rustlang, rust-lang, hmac"><title>ring::hmac - Rust</title><link rel="stylesheet" type="text/css" href="../../normalize.css"><link rel="stylesheet" type="text/css" href="../../rustdoc.css" id="mainThemeStyle"><link rel="stylesheet" type="text/css" href="../../light.css" id="themeStyle"><link rel="stylesheet" type="text/css" href="../../dark.css" disabled ><link rel="stylesheet" type="text/css" href="../../ayu.css" disabled ><script id="default-settings"></script><script src="../../storage.js"></script><noscript><link rel="stylesheet" href="../../noscript.css"></noscript><link rel="icon" type="image/svg+xml" href="../../favicon.svg">
|
||
<link rel="alternate icon" type="image/png" href="../../favicon-16x16.png">
|
||
<link rel="alternate icon" type="image/png" href="../../favicon-32x32.png"><style type="text/css">#crate-search{background-image:url("../../down-arrow.svg");}</style></head><body class="rustdoc mod"><!--[if lte IE 8]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="sidebar-menu">☰</div><a href='../../ring/index.html'><div class='logo-container rust-logo'><img src='../../rust-logo.png' alt='logo'></div></a><p class="location">Module hmac</p><div class="sidebar-elems"><div class="block items"><ul><li><a href="#structs">Structs</a></li><li><a href="#statics">Statics</a></li><li><a href="#functions">Functions</a></li><li><a href="#types">Type Definitions</a></li></ul></div><p class="location"><a href="../index.html">ring</a></p><div id="sidebar-vars" data-name="hmac" data-ty="mod" data-relpath="../"></div><script defer src="../sidebar-items.js"></script></div></nav><div class="theme-picker"><button id="theme-picker" aria-label="Pick another theme!" aria-haspopup="menu"><img src="../../brush.svg" width="18" alt="Pick another theme!"></button><div id="theme-choices" role="menu"></div></div><script src="../../theme.js"></script><nav class="sub"><form class="search-form"><div class="search-container"><div><select id="crate-search"><option value="All crates">All crates</option></select><input class="search-input" name="search" disabled autocomplete="off" spellcheck="false" placeholder="Click or press ‘S’ to search, ‘?’ for more options…" type="search"></div><button type="button" class="help-button">?</button>
|
||
<a id="settings-menu" href="../../settings.html"><img src="../../wheel.svg" width="18" alt="Change settings"></a></div></form></nav><section id="main" class="content"><h1 class="fqn"><span class="in-band">Module <a href="../index.html">ring</a>::<wbr><a class="mod" href="">hmac</a></span><span class="out-of-band"><span id="render-detail"><a id="toggle-all-docs" href="javascript:void(0)" title="collapse all docs">[<span class="inner">−</span>]</a></span><a class="srclink" href="../../src/ring/hmac.rs.html#15-385" title="goto source code">[src]</a></span></h1><div class="docblock"><p>HMAC is specified in <a href="https://tools.ietf.org/html/rfc2104">RFC 2104</a>.</p>
|
||
<p>After a <code>Key</code> is constructed, it can be used for multiple signing or
|
||
verification operations. Separating the construction of the key from the
|
||
rest of the HMAC operation allows the per-key precomputation to be done
|
||
only once, instead of it being done in every HMAC operation.</p>
|
||
<p>Frequently all the data to be signed in a message is available in a single
|
||
contiguous piece. In that case, the module-level <code>sign</code> function can be
|
||
used. Otherwise, if the input is in multiple parts, <code>Context</code> should be
|
||
used.</p>
|
||
<h1 id="examples" class="section-header"><a href="#examples">Examples:</a></h1><h2 id="signing-a-value-and-verifying-it-wasnt-tampered-with" class="section-header"><a href="#signing-a-value-and-verifying-it-wasnt-tampered-with">Signing a value and verifying it wasn't tampered with</a></h2>
|
||
<div class="example-wrap"><pre class="rust rust-example-rendered">
|
||
<span class="kw">use</span> <span class="ident">ring</span>::{<span class="ident">hmac</span>, <span class="ident">rand</span>};
|
||
|
||
<span class="kw">let</span> <span class="ident">rng</span> <span class="op">=</span> <span class="ident">rand</span>::<span class="ident">SystemRandom</span>::<span class="ident">new</span>();
|
||
<span class="kw">let</span> <span class="ident">key</span> <span class="op">=</span> <span class="ident">hmac</span>::<span class="ident">Key</span>::<span class="ident">generate</span>(<span class="ident">hmac</span>::<span class="ident">HMAC_SHA256</span>, <span class="kw-2">&</span><span class="ident">rng</span>)<span class="question-mark">?</span>;
|
||
|
||
<span class="kw">let</span> <span class="ident">msg</span> <span class="op">=</span> <span class="string">"hello, world"</span>;
|
||
|
||
<span class="kw">let</span> <span class="ident">tag</span> <span class="op">=</span> <span class="ident">hmac</span>::<span class="ident">sign</span>(<span class="kw-2">&</span><span class="ident">key</span>, <span class="ident">msg</span>.<span class="ident">as_bytes</span>());
|
||
|
||
<span class="comment">// [We give access to the message to an untrusted party, and they give it</span>
|
||
<span class="comment">// back to us. We need to verify they didn't tamper with it.]</span>
|
||
|
||
<span class="ident">hmac</span>::<span class="ident">verify</span>(<span class="kw-2">&</span><span class="ident">key</span>, <span class="ident">msg</span>.<span class="ident">as_bytes</span>(), <span class="ident">tag</span>.<span class="ident">as_ref</span>())<span class="question-mark">?</span>;
|
||
</pre></div>
|
||
<h2 id="using-the-one-shot-api" class="section-header"><a href="#using-the-one-shot-api">Using the one-shot API:</a></h2>
|
||
<div class="example-wrap"><pre class="rust rust-example-rendered">
|
||
<span class="kw">use</span> <span class="ident">ring</span>::{<span class="ident">digest</span>, <span class="ident">hmac</span>, <span class="ident">rand</span>};
|
||
<span class="kw">use</span> <span class="ident">ring</span>::<span class="ident">rand</span>::<span class="ident">SecureRandom</span>;
|
||
|
||
<span class="kw">let</span> <span class="ident">msg</span> <span class="op">=</span> <span class="string">"hello, world"</span>;
|
||
|
||
<span class="comment">// The sender generates a secure key value and signs the message with it.</span>
|
||
<span class="comment">// Note that in a real protocol, a key agreement protocol would be used to</span>
|
||
<span class="comment">// derive `key_value`.</span>
|
||
<span class="kw">let</span> <span class="ident">rng</span> <span class="op">=</span> <span class="ident">rand</span>::<span class="ident">SystemRandom</span>::<span class="ident">new</span>();
|
||
<span class="kw">let</span> <span class="ident">key_value</span>: [<span class="ident">u8</span>; <span class="ident">digest</span>::<span class="ident">SHA256_OUTPUT_LEN</span>] <span class="op">=</span> <span class="ident">rand</span>::<span class="ident">generate</span>(<span class="kw-2">&</span><span class="ident">rng</span>)<span class="question-mark">?</span>.<span class="ident">expose</span>();
|
||
|
||
<span class="kw">let</span> <span class="ident">s_key</span> <span class="op">=</span> <span class="ident">hmac</span>::<span class="ident">Key</span>::<span class="ident">new</span>(<span class="ident">hmac</span>::<span class="ident">HMAC_SHA256</span>, <span class="ident">key_value</span>.<span class="ident">as_ref</span>());
|
||
<span class="kw">let</span> <span class="ident">tag</span> <span class="op">=</span> <span class="ident">hmac</span>::<span class="ident">sign</span>(<span class="kw-2">&</span><span class="ident">s_key</span>, <span class="ident">msg</span>.<span class="ident">as_bytes</span>());
|
||
|
||
<span class="comment">// The receiver (somehow!) knows the key value, and uses it to verify the</span>
|
||
<span class="comment">// integrity of the message.</span>
|
||
<span class="kw">let</span> <span class="ident">v_key</span> <span class="op">=</span> <span class="ident">hmac</span>::<span class="ident">Key</span>::<span class="ident">new</span>(<span class="ident">hmac</span>::<span class="ident">HMAC_SHA256</span>, <span class="ident">key_value</span>.<span class="ident">as_ref</span>());
|
||
<span class="ident">hmac</span>::<span class="ident">verify</span>(<span class="kw-2">&</span><span class="ident">v_key</span>, <span class="ident">msg</span>.<span class="ident">as_bytes</span>(), <span class="ident">tag</span>.<span class="ident">as_ref</span>())<span class="question-mark">?</span>;
|
||
</pre></div>
|
||
<h2 id="using-the-multi-part-api" class="section-header"><a href="#using-the-multi-part-api">Using the multi-part API:</a></h2>
|
||
<div class="example-wrap"><pre class="rust rust-example-rendered">
|
||
<span class="kw">use</span> <span class="ident">ring</span>::{<span class="ident">digest</span>, <span class="ident">hmac</span>, <span class="ident">rand</span>};
|
||
<span class="kw">use</span> <span class="ident">ring</span>::<span class="ident">rand</span>::<span class="ident">SecureRandom</span>;
|
||
|
||
<span class="kw">let</span> <span class="ident">parts</span> <span class="op">=</span> [<span class="string">"hello"</span>, <span class="string">", "</span>, <span class="string">"world"</span>];
|
||
|
||
<span class="comment">// The sender generates a secure key value and signs the message with it.</span>
|
||
<span class="comment">// Note that in a real protocol, a key agreement protocol would be used to</span>
|
||
<span class="comment">// derive `key_value`.</span>
|
||
<span class="kw">let</span> <span class="ident">rng</span> <span class="op">=</span> <span class="ident">rand</span>::<span class="ident">SystemRandom</span>::<span class="ident">new</span>();
|
||
<span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">key_value</span>: [<span class="ident">u8</span>; <span class="ident">digest</span>::<span class="ident">SHA384_OUTPUT_LEN</span>] <span class="op">=</span> <span class="ident">rand</span>::<span class="ident">generate</span>(<span class="kw-2">&</span><span class="ident">rng</span>)<span class="question-mark">?</span>.<span class="ident">expose</span>();
|
||
|
||
<span class="kw">let</span> <span class="ident">s_key</span> <span class="op">=</span> <span class="ident">hmac</span>::<span class="ident">Key</span>::<span class="ident">new</span>(<span class="ident">hmac</span>::<span class="ident">HMAC_SHA384</span>, <span class="ident">key_value</span>.<span class="ident">as_ref</span>());
|
||
<span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">s_ctx</span> <span class="op">=</span> <span class="ident">hmac</span>::<span class="ident">Context</span>::<span class="ident">with_key</span>(<span class="kw-2">&</span><span class="ident">s_key</span>);
|
||
<span class="kw">for</span> <span class="ident">part</span> <span class="kw">in</span> <span class="kw-2">&</span><span class="ident">parts</span> {
|
||
<span class="ident">s_ctx</span>.<span class="ident">update</span>(<span class="ident">part</span>.<span class="ident">as_bytes</span>());
|
||
}
|
||
<span class="kw">let</span> <span class="ident">tag</span> <span class="op">=</span> <span class="ident">s_ctx</span>.<span class="ident">sign</span>();
|
||
|
||
<span class="comment">// The receiver (somehow!) knows the key value, and uses it to verify the</span>
|
||
<span class="comment">// integrity of the message.</span>
|
||
<span class="kw">let</span> <span class="ident">v_key</span> <span class="op">=</span> <span class="ident">hmac</span>::<span class="ident">Key</span>::<span class="ident">new</span>(<span class="ident">hmac</span>::<span class="ident">HMAC_SHA384</span>, <span class="ident">key_value</span>.<span class="ident">as_ref</span>());
|
||
<span class="kw">let</span> <span class="kw-2">mut</span> <span class="ident">msg</span> <span class="op">=</span> <span class="ident">Vec</span>::<span class="op"><</span><span class="ident">u8</span><span class="op">></span>::<span class="ident">new</span>();
|
||
<span class="kw">for</span> <span class="ident">part</span> <span class="kw">in</span> <span class="kw-2">&</span><span class="ident">parts</span> {
|
||
<span class="ident">msg</span>.<span class="ident">extend</span>(<span class="ident">part</span>.<span class="ident">as_bytes</span>());
|
||
}
|
||
<span class="ident">hmac</span>::<span class="ident">verify</span>(<span class="kw-2">&</span><span class="ident">v_key</span>, <span class="kw-2">&</span><span class="ident">msg</span>.<span class="ident">as_ref</span>(), <span class="ident">tag</span>.<span class="ident">as_ref</span>())<span class="question-mark">?</span>;
|
||
</pre></div>
|
||
</div><h2 id="structs" class="section-header"><a href="#structs">Structs</a></h2>
|
||
<table><tr class="module-item"><td><a class="struct" href="struct.Algorithm.html" title="ring::hmac::Algorithm struct">Algorithm</a></td><td class="docblock-short"><p>An HMAC algorithm.</p>
|
||
</td></tr><tr class="module-item"><td><a class="struct" href="struct.Context.html" title="ring::hmac::Context struct">Context</a></td><td class="docblock-short"><p>A context for multi-step (Init-Update-Finish) HMAC signing.</p>
|
||
</td></tr><tr class="module-item"><td><a class="struct" href="struct.Key.html" title="ring::hmac::Key struct">Key</a></td><td class="docblock-short"><p>A key to use for HMAC signing.</p>
|
||
</td></tr><tr class="module-item"><td><a class="struct" href="struct.Tag.html" title="ring::hmac::Tag struct">Tag</a></td><td class="docblock-short"><p>An HMAC tag.</p>
|
||
</td></tr></table><h2 id="statics" class="section-header"><a href="#statics">Statics</a></h2>
|
||
<table><tr class="module-item"><td><a class="static" href="static.HMAC_SHA1_FOR_LEGACY_USE_ONLY.html" title="ring::hmac::HMAC_SHA1_FOR_LEGACY_USE_ONLY static">HMAC_SHA1_FOR_LEGACY_USE_ONLY</a></td><td class="docblock-short"><p>HMAC using SHA-1. Obsolete.</p>
|
||
</td></tr><tr class="module-item"><td><a class="static" href="static.HMAC_SHA256.html" title="ring::hmac::HMAC_SHA256 static">HMAC_SHA256</a></td><td class="docblock-short"><p>HMAC using SHA-256.</p>
|
||
</td></tr><tr class="module-item"><td><a class="static" href="static.HMAC_SHA384.html" title="ring::hmac::HMAC_SHA384 static">HMAC_SHA384</a></td><td class="docblock-short"><p>HMAC using SHA-384.</p>
|
||
</td></tr><tr class="module-item"><td><a class="static" href="static.HMAC_SHA512.html" title="ring::hmac::HMAC_SHA512 static">HMAC_SHA512</a></td><td class="docblock-short"><p>HMAC using SHA-512.</p>
|
||
</td></tr></table><h2 id="functions" class="section-header"><a href="#functions">Functions</a></h2>
|
||
<table><tr class="module-item"><td><a class="fn" href="fn.sign.html" title="ring::hmac::sign fn">sign</a></td><td class="docblock-short"><p>Calculates the HMAC of <code>data</code> using the key <code>key</code> in one step.</p>
|
||
</td></tr><tr class="module-item"><td><a class="fn" href="fn.verify.html" title="ring::hmac::verify fn">verify</a></td><td class="docblock-short"><p>Calculates the HMAC of <code>data</code> using the signing key <code>key</code>, and verifies
|
||
whether the resultant value equals <code>tag</code>, in one step.</p>
|
||
</td></tr></table><h2 id="types" class="section-header"><a href="#types">Type Definitions</a></h2>
|
||
<table><tr class="module-item"><td><a class="type" href="type.Signature.html" title="ring::hmac::Signature type">Signature</a></td><td class="docblock-short"><span class="stab deprecated" title="">Deprecated</span><p>A deprecated alias for <code>Tag</code>.</p>
|
||
</td></tr><tr class="module-item"><td><a class="type" href="type.SigningContext.html" title="ring::hmac::SigningContext type">SigningContext</a></td><td class="docblock-short"><span class="stab deprecated" title="">Deprecated</span><p><code>hmac::SigningContext</code> was renamed to <code>hmac::Context</code>.</p>
|
||
</td></tr><tr class="module-item"><td><a class="type" href="type.SigningKey.html" title="ring::hmac::SigningKey type">SigningKey</a></td><td class="docblock-short"><span class="stab deprecated" title="">Deprecated</span><p><code>hmac::SigningKey</code> was renamed to <code>hmac::Key</code>.</p>
|
||
</td></tr><tr class="module-item"><td><a class="type" href="type.VerificationKey.html" title="ring::hmac::VerificationKey type">VerificationKey</a></td><td class="docblock-short"><span class="stab deprecated" title="">Deprecated</span><p><code>hmac::VerificationKey</code> was merged into <code>hmac::Key</code>.</p>
|
||
</td></tr></table></section><section id="search" class="content hidden"></section><section class="footer"></section><div id="rustdoc-vars" data-root-path="../../" data-current-crate="ring"></div>
|
||
<script src="../../main.js"></script><script defer src="../../search-index.js"></script></body></html> |