java_src/src/main/java/com/google/crypto/tink/subtle/PrfMac.java - third_party/tink - Git at Google

 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 ////////////////////////////////////////////////////////////////////////////////

 package com.google.crypto.tink.subtle;

 import com.google.crypto.tink.Mac;
 import com.google.crypto.tink.prf.Prf;
 import com.google.errorprone.annotations.Immutable;
 import java.security.GeneralSecurityException;
 import java.security.InvalidAlgorithmParameterException;

 /**
  * Class that provides the functionality expressed by the Mac primitive using a Prf implementation.
  */
 @Immutable
 public class PrfMac implements Mac {
   static final int MIN_TAG_SIZE_IN_BYTES = 10;

   private final Prf wrappedPrf;
   private final int tagSize;

   /** Wrap {@code wrappedPrf } in a Mac primitive with the specified {@code tagSize} */
   public PrfMac(Prf wrappedPrf, int tagSize) throws GeneralSecurityException {
     this.wrappedPrf = wrappedPrf;
     this.tagSize = tagSize;

     // The output length is restricted by the HMAC spec. Check that first.
     if (tagSize < MIN_TAG_SIZE_IN_BYTES) {
       throw new InvalidAlgorithmParameterException(
           "tag size too small, need at least " + MIN_TAG_SIZE_IN_BYTES + " bytes");
     }

     // Some Prf implementations have restrictions on maximum tag length. These throw on compute().
     // Check for those restrictions on tag length here by doing a compute() pass.
     wrappedPrf.compute(new byte[0], tagSize);
   }

   @Override
   public byte[] computeMac(byte[] data) throws GeneralSecurityException {
     return wrappedPrf.compute(data, tagSize);
   }

   @Override
   public void verifyMac(byte[] mac, byte[] data) throws GeneralSecurityException {
     if (!Bytes.equal(computeMac(data), mac)) {
       throw new GeneralSecurityException("invalid MAC");
     }
   }
 }
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	////////////////////////////////////////////////////////////////////////////////

	package com.google.crypto.tink.subtle;

	import com.google.crypto.tink.Mac;
	import com.google.crypto.tink.prf.Prf;
	import com.google.errorprone.annotations.Immutable;
	import java.security.GeneralSecurityException;
	import java.security.InvalidAlgorithmParameterException;

	/**
	* Class that provides the functionality expressed by the Mac primitive using a Prf implementation.
	*/
	@Immutable
	public class PrfMac implements Mac {
	static final int MIN_TAG_SIZE_IN_BYTES = 10;

	private final Prf wrappedPrf;
	private final int tagSize;

	/** Wrap {@code wrappedPrf } in a Mac primitive with the specified {@code tagSize} */
	public PrfMac(Prf wrappedPrf, int tagSize) throws GeneralSecurityException {
	this.wrappedPrf = wrappedPrf;
	this.tagSize = tagSize;

	// The output length is restricted by the HMAC spec. Check that first.
	if (tagSize < MIN_TAG_SIZE_IN_BYTES) {
	throw new InvalidAlgorithmParameterException(
	"tag size too small, need at least " + MIN_TAG_SIZE_IN_BYTES + " bytes");
	}

	// Some Prf implementations have restrictions on maximum tag length. These throw on compute().
	// Check for those restrictions on tag length here by doing a compute() pass.
	wrappedPrf.compute(new byte[0], tagSize);
	}

	@Override
	public byte[] computeMac(byte[] data) throws GeneralSecurityException {
	return wrappedPrf.compute(data, tagSize);
	}

	@Override
	public void verifyMac(byte[] mac, byte[] data) throws GeneralSecurityException {
	if (!Bytes.equal(computeMac(data), mac)) {
	throw new GeneralSecurityException("invalid MAC");
	}
	}
	}