danger.crypto
Class HMAC

java.lang.Object
  danger.crypto.HMAC

public class HMAC

extends Object

HMAC is a secure hash used by SSH and SSL (and probably other protocols). It hashes a private key in with the data, so that the hash is effectively authenticated.

An HMAC is:

H((key XOR 0x5C) + H((key XOR 0x36) + data))

where + indicates concatenated data, H is the hashing algorithm provided by a Hash, and XOR indicates that each byte of the key was xor'd with the given byte.

The key is expanded or truncated to 64 bytes. A key longer than 64 bytes will be truncated by hashing it (using the given Hash. A key shorter than 64 bytes will be expanded by adding zeros to the end. (Thus, a key longer than 64 bytes will be truncated using the given Hash, then padded out with zeros to 64 bytes.)

Constructor Summary

HMAC(Hash hash)
Construct a new HMAC using the secure hash algorithm given.

Method Summary

byte[]	digest() Finish the HMAC computation and return a digest of the form returned by Hash.digest().
void	digest(byte[] out, int offset) Finish the HMAC computation and store the digest into the given byte array.
void	init(byte[] inKey) Initialize the HMAC with a private key.
void	init(byte[] inKey, int offset, int length) Initialize the HMAC with a private key.
void	reset() Reset the state of this HMAC in preparation for a new computation, using the same key.
void	update(byte[] input) Equivalent to update(input, 0, input.length).
void	update(byte[] input, int offset, int length) Adds length bytes of input, starting at offset, into the HMAC hash.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

HMAC

public HMAC(Hash hash)

Construct a new HMAC using the secure hash algorithm given.

Method Detail

init

public void init(byte[] inKey,
                 int offset,
                 int length)

Initialize the HMAC with a private key. The private key is used to generate hashes used later in the HMAC processing, but is not stored in the HMAC object directly. You may call this method multiple times on the same object. With each call, the internal state is reset and a new key is used. To reset the internal state but continue using the same key, use reset().

init

public void init(byte[] inKey)

Initialize the HMAC with a private key. This is equivalent to init(inKey, 0, inKey.length).

reset

public void reset()

Reset the state of this HMAC in preparation for a new computation, using the same key. This can be convenient if you're computing HMACs of several blocks of data using the same key, as it avoids allocating new memory.

update

public void update(byte[] input,
                   int offset,
                   int length)

Adds length bytes of input, starting at offset, into the HMAC hash. This works exactly like Hash.update(byte[],int,int).

update

public void update(byte[] input)

Equivalent to update(input, 0, input.length).

digest

public byte[] digest()

Finish the HMAC computation and return a digest of the form returned by Hash.digest(). The length of the digest will depend on the Hash object used to create this HMAC: it will be the same length as any digest created by your chosen hash function. Note that multiple calls to this function will return different results, since there is an implicit computation step in creating the final digest. Most likely you want to call this function exactly once.

digest

public void digest(byte[] out,
                   int offset)

Finish the HMAC computation and store the digest into the given byte array. The length of the digest will depend on the Hash object used to create this HMAC: it will be the same length as any digest created by your chosen hash function. Note that multiple calls to this function will return different results, since there is an implicit computation step in creating the final digest. Most likely you want to call this function exactly once.