mirror
/
CryptoSwift
cermin dari https://github.com/krzyzanowskim/CryptoSwift.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596
							//
//  HMAC.swift
//  CryptoSwift
//
//  Created by Marcin Krzyzanowski on 13/01/15.
//  Copyright (c) 2015 Marcin Krzyzanowski. All rights reserved.
//

final public class HMAC: Authenticator {

    public enum Error: Swift.Error {
        case authenticateError
    }
    
    public enum Variant {
        case sha1, sha256, sha384, sha512, md5
        
        var size:Int {
            switch (self) {
            case .sha1:
                return SHA1.size
            case .sha256:
                return SHA2.Variant.sha256.size
            case .sha384:
                return SHA2.Variant.sha384.size
            case .sha512:
                return SHA2.Variant.sha512.size
            case .md5:
                return MD5.size
            }
        }
        
        func calculateHash(_ bytes:Array<UInt8>) -> Array<UInt8>? {
            switch (self) {
            case .sha1:
                return Hash.sha1(bytes)
            case .sha256:
                return Hash.sha256(bytes)
            case .sha384:
                return Hash.sha384(bytes)
            case .sha512:
                return Hash.sha512(bytes)
            case .md5:
                return Hash.md5(bytes)
            }
        }
        
        func blockSize() -> Int {
            switch self {
            case .md5, .sha1, .sha256:
                return 64
            case .sha384, .sha512:
                return 128
            }
        }
    }
    
    var key:Array<UInt8>
    let variant:Variant

    public init (key: Array<UInt8>, variant:HMAC.Variant = .md5) {
        self.variant = variant
        self.key = key

        if (key.count > variant.blockSize()) {
            if let hash = variant.calculateHash(key) {
                self.key = hash
            }
        }

        //TODO: validate 64 bytes long key
        self.key = ZeroPadding().add(to: key, blockSize: variant.blockSize())
    }

    //MARK: Authenticator

    public func authenticate(_ bytes:Array<UInt8>) throws -> Array<UInt8> {
        var opad = Array<UInt8>(repeating: 0x5c, count: variant.blockSize())
        for idx in key.indices {
            opad[idx] = key[idx] ^ opad[idx]
        }
        var ipad = Array<UInt8>(repeating: 0x36, count: variant.blockSize())
        for idx in key.indices {
            ipad[idx] = key[idx] ^ ipad[idx]
        }

        guard let ipadAndMessageHash = variant.calculateHash(ipad + bytes),
              let result = variant.calculateHash(opad + ipadAndMessageHash) else
        {
            throw Error.authenticateError
        }

        // return Array(result[0..<10]) // 80 bits
        return result
    }
}