1 // Copyright 2021 Ian Jackson and contributors to Hippotat
2 // SPDX-License-Identifier: GPL-3.0-or-later
3 // There is NO WARRANTY.
8 impl<T> T where T: Debug {
9 fn to_debug(&self) -> String { format!("{:?}", self) }
13 impl<T,E> Result<T,E> where AE: From<E> {
14 fn dcontext<D:Debug>(self, d: D) -> anyhow::Result<T> {
15 self.map_err(|e| AE::from(e)).with_context(|| d.to_debug())
19 #[derive(Error,Debug)]
20 pub enum ReadLimitedError {
21 #[error("maximum size {limit} exceeded")]
22 Truncated { sofar: Box<[u8]>, limit: usize },
24 #[error("HTTP error {0}")]
25 Hyper(#[from] hyper::Error),
28 impl ReadLimitedError {
29 pub fn discard_data(&mut self) { match self {
30 ReadLimitedError::Truncated { sofar,.. } => { mem::take(sofar); },
35 impl<T> Result<T,ReadLimitedError> {
36 fn discard_data(self) -> Self {
37 self.map_err(|mut e| { e.discard_data(); e })
41 #[throws(ReadLimitedError)]
42 pub async fn read_limited_bytes<S>(limit: usize, stream: &mut S) -> Box<[u8]>
43 where S: futures::Stream<Item=Result<hyper::body::Bytes,hyper::Error>>
45 // we also require that the Stream is cancellation-safe
47 let mut accum = vec![];
48 while let Some(item) = stream.next().await {
51 if accum.len() > limit {
52 throw!(ReadLimitedError::Truncated { limit, sofar: accum.into() })
58 pub fn time_t_now() -> u64 {
60 .duration_since(UNIX_EPOCH)
61 .unwrap_or_else(|_| Duration::default()) // clock is being weird
65 use sha2::Digest as _;
67 pub type HmacH = sha2::Sha256;
68 pub const HMAC_B: usize = 64;
69 pub const HMAC_L: usize = 32;
71 pub fn token_hmac(key: &[u8], message: &[u8]) -> [u8; HMAC_L] {
73 let mut padded = [0; HMAC_B];
74 if key.len() > padded.len() {
75 let digest: [u8; HMAC_L] = HmacH::digest(key).into();
76 padded[0..HMAC_L].copy_from_slice(&digest);
78 padded[0.. key.len()].copy_from_slice(key);
82 let mut ikey = key; for k in &mut ikey { *k ^= 0x36; }
83 let mut okey = key; for k in &mut okey { *k ^= 0x5C; }
85 //dbg!(&key, &ikey, &okey);
99 fn hmac_test_vectors(){
102 Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
104 Data = 4869205468657265 ("Hi There")
106 HMAC-SHA-256 = b0344c61d8db38535ca8afceaf0bf12b
107 881dc200c9833da726e9376c2e32cff7
110 Key = 4a656665 ("Jefe")
111 Data = 7768617420646f2079612077616e7420 ("what do ya want ")
112 666f72206e6f7468696e673f ("for nothing?")
114 HMAC-SHA-256 = 5bdcc146bf60754e6a042426089575c7
115 5a003f089d2739839dec58b964ec3843
118 Key = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
120 Data = dddddddddddddddddddddddddddddddd
121 dddddddddddddddddddddddddddddddd
122 dddddddddddddddddddddddddddddddd
125 HMAC-SHA-256 = 773ea91e36800e46854db8ebd09181a7
126 2959098b3ef8c122d9635514ced565fe
129 Key = 0102030405060708090a0b0c0d0e0f10
130 111213141516171819 (25 bytes)
131 Data = cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd
132 cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd
133 cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd
136 HMAC-SHA-256 = 82558a389a443c0ea4cc819899f2083a
137 85f0faa3e578f8077a2e3ff46729665b
141 Key = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
142 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
143 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
144 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
145 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
146 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
147 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
148 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
150 Data = 54657374205573696e67204c61726765 ("Test Using Large")
151 72205468616e20426c6f636b2d53697a ("r Than Block-Siz")
152 65204b6579202d2048617368204b6579 ("e Key - Hash Key")
153 204669727374 (" First")
155 HMAC-SHA-256 = 60e431591ee0b67f0d8a26aacbf5b77f
156 8e0bc6213728c5140546040f0ee37f54
158 Key = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
159 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
160 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
161 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
162 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
163 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
164 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
165 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
167 Data = 54686973206973206120746573742075 ("This is a test u")
168 73696e672061206c6172676572207468 ("sing a larger th")
169 616e20626c6f636b2d73697a65206b65 ("an block-size ke")
170 7920616e642061206c61726765722074 ("y and a larger t")
171 68616e20626c6f636b2d73697a652064 ("han block-size d")
172 6174612e20546865206b6579206e6565 ("ata. The key nee")
173 647320746f2062652068617368656420 ("ds to be hashed ")
174 6265666f7265206265696e6720757365 ("before being use")
175 642062792074686520484d414320616c ("d by the HMAC al")
176 676f726974686d2e ("gorithm.")
178 HMAC-SHA-256 = 9b09ffa71b942fcb27635fbcd5b0e944
179 bfdc63644f0713938a7f51535c3a35e2
181 let vectors = regex_replace_all!{
186 let vectors = regex_replace_all!{
191 let vectors = regex_replace_all!{
196 let mut lines = vectors.split('\n');
197 assert_eq!( lines.next().unwrap(), "" );
198 let mut get = |prefix| {
199 let l = lines.next()?;
201 let b = l.strip_prefix(prefix).unwrap().as_bytes().chunks(2)
202 .map(|s| str::from_utf8(s).unwrap())
203 .map(|s| { assert_eq!(s.len(), 2); u8::from_str_radix(s,16).unwrap() })
204 .collect::<Vec<u8>>();
207 while let Some(key) = get(" Key = ") {
208 let data = get(" Data = ").unwrap();
209 let exp = get(" HMAC-SHA-256 = ").unwrap();
210 let got = token_hmac(&key, &data);
211 assert_eq!(&got[..], &exp);
~ian / hippotat.git / blob