apple / swift-crypto

Open-source implementation of a substantial portion of the API of Apple CryptoKit suitable for use on Linux platforms.
https://apple.github.io/swift-crypto
Apache License 2.0
1.43k stars, 151 forks

Validating HMACs with incremental computation #219

Closed semicoleon closed 4 months ago

semicoleon commented 4 months ago

As far as I can tell, it's currently not possible to create a MAC from data with swift-crypto. The only way to validate an existing MAC that wasn't computed by swift-crypto in the current process (e.g. a MAC that was sent as part of an HTTP request, or a MAC that was saved to disk between process launches) with the HMAC API is to use isValidAuthenticationCode, which requires that the data you're validating fits in contiguous memory.

Motivation:

Most of the HMAC API is oriented around allowing computing HMACs from incremental data. Not being able to validate a MAC with this mode of operation directly seems like an oversight in the API. I can compare the MAC bytes manually, but swift-crypto doesn't expose its safeCompare function so it wouldn't be constant time any more.

Importance:

Low

semicoleon commented 4 months ago

I knew there had to be something I was missing. MessageAuthenticationCode has an equatable conformance which allows comparing a code to a type conforming to DataProtocol, which allows comparing a computed code to one computed in another process.
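The approach the thread arrives at, as an added example that is not part of the original issue or the project's own code: the MAC is computed incrementally over chunks, then the finalized code is compared to the received tag bytes through the `==` overload that takes a `DataProtocol` value. The helper name `verifyChunked`, the key, the chunks and the tag are constructed for illustration.

```swift
import Crypto
import Foundation

/// Hypothetical helper: checks `receivedTag` against data that arrives in
/// chunks, so the full message never has to sit in contiguous memory.
func verifyChunked<S: Sequence>(
    chunks: S,
    key: SymmetricKey,
    receivedTag: Data
) -> Bool where S.Element == Data {
    var hmac = HMAC<SHA256>(key: key)
    for chunk in chunks {
        hmac.update(data: chunk)  // incremental update, one chunk at a time
    }
    let computed = hmac.finalize()
    // MessageAuthenticationCode == DataProtocol overload: the library does the
    // comparison (swift-crypto implements it with its internal constant-time
    // compare), so no hand-written byte loop or Array(computed) == ... is needed.
    return computed == receivedTag
}

// Constructed sample input: a random key and a message split into three chunks.
let key = SymmetricKey(size: .bits256)
let chunks = [Data("part one, ".utf8), Data("part two, ".utf8), Data("part three".utf8)]

// Stand-in for the other process: a one-shot MAC over the joined message,
// serialized to raw bytes as it would be in an HTTP header or on disk.
let whole = chunks.reduce(into: Data()) { $0.append($1) }
let tagBytes = Data(HMAC<SHA256>.authenticationCode(for: whole, using: key))

// A tag with one flipped bit, and a truncated tag, must both be rejected.
var tampered = tagBytes
tampered[0] ^= 0x01
let truncated = tagBytes.prefix(16)

print(verifyChunked(chunks: chunks, key: key, receivedTag: tagBytes))         // true
print(verifyChunked(chunks: chunks, key: key, receivedTag: tampered))         // false
print(verifyChunked(chunks: chunks, key: key, receivedTag: Data(truncated)))  // false
```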