HMAC.as 4.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127
  1. /*
  2. Copyright (c) 2008, Adobe Systems Incorporated
  3. All rights reserved.
  4. Redistribution and use in source and binary forms, with or without
  5. modification, are permitted provided that the following conditions are
  6. met:
  7. * Redistributions of source code must retain the above copyright notice,
  8. this list of conditions and the following disclaimer.
  9. * Redistributions in binary form must reproduce the above copyright
  10. notice, this list of conditions and the following disclaimer in the
  11. documentation and/or other materials provided with the distribution.
  12. * Neither the name of Adobe Systems Incorporated nor the names of its
  13. contributors may be used to endorse or promote products derived from
  14. this software without specific prior written permission.
  15. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
  16. IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
  17. THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  18. PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
  19. CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  20. EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  21. PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  22. PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  23. LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  24. NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  25. SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  26. */
  27. package com.adobe.crypto {
  28. import flash.utils.ByteArray;
  29. import flash.utils.Endian;
  30. import flash.utils.describeType;
  31. /**
  32. * Keyed-Hashing for Message Authentication
  33. * Implementation based on algorithm description at
  34. * http://www.faqs.org/rfcs/rfc2104.html
  35. */
  36. public class HMAC
  37. {
  38. /**
  39. * Performs the HMAC hash algorithm using byte arrays.
  40. *
  41. * @param secret The secret key
  42. * @param message The message to hash
  43. * @param algorithm Hash object to use
  44. * @return A string containing the hash value of message
  45. * @langversion ActionScript 3.0
  46. * @playerversion Flash 8.5
  47. * @tiptext
  48. */
  49. public static function hash( secret:String, message:String, algorithm:Object = null ):String
  50. {
  51. var text:ByteArray = new ByteArray();
  52. var k_secret:ByteArray = new ByteArray();
  53. text.writeUTFBytes(message);
  54. k_secret.writeUTFBytes(secret);
  55. return hashBytes(k_secret, text, algorithm);
  56. }
  57. /**
  58. * Performs the HMAC hash algorithm using string.
  59. *
  60. * @param secret The secret key
  61. * @param message The message to hash
  62. * @param algorithm Hash object to use
  63. * @return A string containing the hash value of message
  64. * @langversion ActionScript 3.0
  65. * @playerversion Flash 8.5
  66. * @tiptext
  67. */
  68. public static function hashBytes( secret:ByteArray, message:ByteArray, algorithm:Object = null ):String
  69. {
  70. var ipad:ByteArray = new ByteArray();
  71. var opad:ByteArray = new ByteArray();
  72. var endian:String = Endian.BIG_ENDIAN;
  73. if(algorithm == null){
  74. algorithm = MD5;
  75. }
  76. if ( describeType(algorithm).@name.toString() == "com.adobe.crypto::MD5" ) {
  77. endian = Endian.LITTLE_ENDIAN;
  78. }
  79. if ( secret.length > 64 ) {
  80. algorithm.hashBytes(secret);
  81. secret = new ByteArray();
  82. secret.endian = endian;
  83. while ( algorithm.digest.bytesAvailable != 0 ) {
  84. secret.writeInt(algorithm.digest.readInt());
  85. }
  86. }
  87. secret.length = 64
  88. secret.position = 0;
  89. for ( var x:int = 0; x < 64; x++ ) {
  90. var byte:int = secret.readByte();
  91. ipad.writeByte(0x36 ^ byte);
  92. opad.writeByte(0x5c ^ byte);
  93. }
  94. ipad.writeBytes(message);
  95. algorithm.hashBytes(ipad);
  96. var tmp:ByteArray = new ByteArray();
  97. tmp.endian = endian;
  98. while ( algorithm.digest.bytesAvailable != 0 ) {
  99. tmp.writeInt(algorithm.digest.readInt());
  100. }
  101. tmp.position = 0;
  102. while ( tmp.bytesAvailable != 0 ) {
  103. opad.writeByte(tmp.readUnsignedByte());
  104. }
  105. return algorithm.hashBytes( opad );
  106. }
  107. }
  108. }