ring
ring copied to clipboard
HMAC: Unify multi-part signing and verification
This is not the same as the role fulfilled by the SigningContext
. The
newly introduced API requires the complete message to be somewhere in
memory, it only does not require those chunks to be contiguous or in a
particular order. This prevents misuse of I-U-F (init-update-finalize)
style API for verification while aligning the available alternatives for
signing and verification. In particular, it is no longer necessary to
compare Tags directly for multi-part messages—provided the parts can be
referenced in memory simultaneously.
Closes: #615
Third iteration of the PR, it also updates a bunch of documentation.
@HeroicKatora you also might want to rebase this PR on master, as that should fix some of the CI issues.
@HeroicKatora Could you, at a minimum, please add the text at https://github.com/briansmith/ring#contributing to the end of each individual commit?
Then, if you have time, could you rebase on master? Or, if you don't have time, if you add that text to the commit messages I can do the rebase for you.
FYI, I updated the base branch of this PR to "main" so I can start the process of removing "master." Also, I changed the title of the PR to include "HMAC:"
Sorry I didn't pay attention to this PR before. I do think this is a good idea.
I'll try to fit the rebase in this weekend. If I for some reason don't find the time for it then at least the footer has been added to the commit messages.
I've completed the rebase. As far as I can tell the build failure is related to the Windows build chain and not to the commits, though I'm not 100% sure. Feel free to amend and force-push if there are any remaining small changes.