
mas01mj@732: /*
mas01mj@732:   Copyright (c) 2008, Adobe Systems Incorporated
mas01mj@732:   All rights reserved.
mas01mj@732: 
mas01mj@732:   Redistribution and use in source and binary forms, with or without 
mas01mj@732:   modification, are permitted provided that the following conditions are
mas01mj@732:   met:
mas01mj@732: 
mas01mj@732:   * Redistributions of source code must retain the above copyright notice, 
mas01mj@732:     this list of conditions and the following disclaimer.
mas01mj@732:   
mas01mj@732:   * Redistributions in binary form must reproduce the above copyright
mas01mj@732:     notice, this list of conditions and the following disclaimer in the 
mas01mj@732:     documentation and/or other materials provided with the distribution.
mas01mj@732:   
mas01mj@732:   * Neither the name of Adobe Systems Incorporated nor the names of its 
mas01mj@732:     contributors may be used to endorse or promote products derived from 
mas01mj@732:     this software without specific prior written permission.
mas01mj@732: 
mas01mj@732:   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
mas01mj@732:   IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
mas01mj@732:   THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
mas01mj@732:   PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 
mas01mj@732:   CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
mas01mj@732:   EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
mas01mj@732:   PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
mas01mj@732:   PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
mas01mj@732:   LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
mas01mj@732:   NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
mas01mj@732:   SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
mas01mj@732: */
mas01mj@732: 
mas01mj@732: package com.adobe.crypto {
mas01mj@732: 	import flash.utils.ByteArray;
mas01mj@732: 	import flash.utils.Endian;
mas01mj@732: 	import flash.utils.describeType;
mas01mj@732: 	/**
mas01mj@732: 	 * Keyed-Hashing for Message Authentication
mas01mj@732: 	 * Implementation based on algorithm description at 
mas01mj@732: 	 * http://www.faqs.org/rfcs/rfc2104.html
mas01mj@732: 	 */
mas01mj@732: 	public class HMAC 
mas01mj@732: 	{
mas01mj@732: 		/**
mas01mj@732: 		 * Performs the HMAC hash algorithm using byte arrays.
mas01mj@732: 		 *
mas01mj@732: 		 * @param secret The secret key
mas01mj@732: 		 * @param message The message to hash
mas01mj@732: 		 * @param algorithm Hash object to use
mas01mj@732: 		 * @return A string containing the hash value of message
mas01mj@732: 		 * @langversion ActionScript 3.0
mas01mj@732: 		 * @playerversion Flash 8.5
mas01mj@732: 		 * @tiptext
mas01mj@732: 		 */
mas01mj@732: 		public static function hash( secret:String, message:String, algorithm:Object = null ):String
mas01mj@732: 		{
mas01mj@732: 			var text:ByteArray = new ByteArray();
mas01mj@732: 			var k_secret:ByteArray = new ByteArray();
mas01mj@732: 			
mas01mj@732: 			text.writeUTFBytes(message);
mas01mj@732: 			k_secret.writeUTFBytes(secret);
mas01mj@732: 			
mas01mj@732: 			return hashBytes(k_secret, text, algorithm);
mas01mj@732: 		}
mas01mj@732: 		
mas01mj@732: 		/**
mas01mj@732: 		 * Performs the HMAC hash algorithm using string.
mas01mj@732: 		 *
mas01mj@732: 		 * @param secret The secret key
mas01mj@732: 		 * @param message The message to hash
mas01mj@732: 		 * @param algorithm Hash object to use
mas01mj@732: 		 * @return A string containing the hash value of message
mas01mj@732: 		 * @langversion ActionScript 3.0
mas01mj@732: 		 * @playerversion Flash 8.5
mas01mj@732: 		 * @tiptext
mas01mj@732: 		 */
mas01mj@732: 		public static function hashBytes( secret:ByteArray, message:ByteArray, algorithm:Object = null ):String
mas01mj@732: 		{
mas01mj@732: 			var ipad:ByteArray = new ByteArray();
mas01mj@732: 			var opad:ByteArray = new ByteArray();
mas01mj@732: 			var endian:String = Endian.BIG_ENDIAN;
mas01mj@732: 			
mas01mj@732: 			if(algorithm == null){
mas01mj@732: 				algorithm = MD5;
mas01mj@732: 			}
mas01mj@732: 			
mas01mj@732: 			if ( describeType(algorithm).@name.toString() == "com.adobe.crypto::MD5" ) {
mas01mj@732: 				endian = Endian.LITTLE_ENDIAN;
mas01mj@732: 			}
mas01mj@732: 			
mas01mj@732: 			if ( secret.length > 64 ) {
mas01mj@732: 				algorithm.hashBytes(secret);
mas01mj@732: 				secret = new ByteArray();
mas01mj@732: 				secret.endian = endian;
mas01mj@732: 				
mas01mj@732: 				while ( algorithm.digest.bytesAvailable != 0 ) {
mas01mj@732: 					secret.writeInt(algorithm.digest.readInt());
mas01mj@732: 				}
mas01mj@732: 			}
mas01mj@732: 
mas01mj@732: 			secret.length = 64
mas01mj@732: 			secret.position = 0;
mas01mj@732: 			for ( var x:int = 0; x < 64; x++ ) {
mas01mj@732: 				var byte:int = secret.readByte();
mas01mj@732: 				ipad.writeByte(0x36 ^ byte);
mas01mj@732: 				opad.writeByte(0x5c ^ byte);
mas01mj@732: 			}
mas01mj@732: 			
mas01mj@732: 			ipad.writeBytes(message);
mas01mj@732: 			algorithm.hashBytes(ipad);
mas01mj@732: 			var tmp:ByteArray = new ByteArray();
mas01mj@732: 			tmp.endian = endian;	
mas01mj@732: 			
mas01mj@732: 			while ( algorithm.digest.bytesAvailable != 0 ) {
mas01mj@732: 				tmp.writeInt(algorithm.digest.readInt());
mas01mj@732: 			}
mas01mj@732: 			tmp.position = 0;
mas01mj@732: 			
mas01mj@732: 			while ( tmp.bytesAvailable != 0 ) {
mas01mj@732: 				opad.writeByte(tmp.readUnsignedByte());
mas01mj@732: 			}
mas01mj@732: 			return algorithm.hashBytes( opad );
mas01mj@732: 		}
mas01mj@732: 		
mas01mj@732: 	}
mas01mj@732: 	
mas01mj@732: }