class RbNaCl::HMAC::SHA512256

Computes an authenticator as HMAC-SHA-512 truncated to 256-bits

The authenticator can be used at a later time to verify the provenance of the message by recomputing the HMAC over the message and then comparing it to the provided authenticator. The class provides methods for generating signatures and also has a constant-time implementation for checking them.

This is a secret key authenticator, i.e. anyone who can verify signatures can also create them.

@see nacl.cr.yp.to/auth.html

Public Class Methods

new(key) click to toggle source

Create instance without checking key length

RFC 2104 HMAC The key for HMAC can be of any length.

see tools.ietf.org/html/rfc2104#section-3

# File lib/rbnacl/hmac/sha512256.rb, line 43
def initialize(key)
  @key = Util.check_hmac_key(key, "#{self.class} key")
  @state = State.new
  @authenticator = Util.zeros(tag_bytes)

  self.class.auth_hmacsha512256_init(@state, key, key.bytesize)
end

Public Instance Methods

digest() click to toggle source

Return the authenticator, as raw bytes

@return [String] The authenticator, as raw bytes

# File lib/rbnacl/hmac/sha512256.rb, line 64
def digest
  @authenticator
end
hexdigest() click to toggle source

Return the authenticator, as hex string

@return [String] The authenticator, as hex string

# File lib/rbnacl/hmac/sha512256.rb, line 71
def hexdigest
  @authenticator.unpack("H*").last
end
update(message) click to toggle source

Compute authenticator for message

@params [#to_str] message message to construct an authenticator for

# File lib/rbnacl/hmac/sha512256.rb, line 54
def update(message)
  self.class.auth_hmacsha512256_update(@state, message, message.bytesize)
  self.class.auth_hmacsha512256_final(@state.clone, @authenticator)

  hexdigest
end

Private Instance Methods

compute_authenticator(authenticator, message) click to toggle source
# File lib/rbnacl/hmac/sha512256.rb, line 77
def compute_authenticator(authenticator, message)
  state = State.new

  self.class.auth_hmacsha512256_init(state, key, key.bytesize)
  self.class.auth_hmacsha512256_update(state, message, message.bytesize)
  self.class.auth_hmacsha512256_final(state, authenticator)
end
verify_message(authenticator, message) click to toggle source
# File lib/rbnacl/hmac/sha512256.rb, line 85
def verify_message(authenticator, message)
  correct = Util.zeros(BYTES)
  compute_authenticator(correct, message)
  Util.verify32(correct, authenticator)
end